#critical-infrastructure
17 articles
APT33, CyberAv3ngers, and Interlock were the most active threat actors targeting critical infrastructure in a 22-article dataset from April 12 to May 14, 2026. The top vulnerability observed was CVE-2026-24032, rated CVSS 7.3. Affected sectors included energy, utilities, and manufacturing, primarily across the United States, Europe, and Asia-Pacific. Of the 22 articles, 14 were classified as high severity, with three critical and one medium severity.
HIGHAI Hallucinations Exploit Human Trust in Critical Infrastructure
AI models produce confident but incorrect outputs that have led to misconfigured firewalls and pipeline valve errors, researchers warn.
HIGHStudent Hacked Taiwan High-Speed Rail TETRA System, Triggered
A 23-year-old student used SDR gear to clone TETRA radio parameters, sending a 'General Alarm' signal that halted 4 THSR trains for 48 minutes.
HIGHCISA, USCG Detail Cyber Hygiene Gaps Found in Critical Infrastructure
CISA and USCG found persistent weak configurations, unpatched systems, and credential reuse during a proactive threat hunt at a US critical infrastructure org.
HIGHCISA Details Interlock Ransomware TTPs, IOCs in Joint Advisory
CISA and FBI released a joint advisory on Interlock ransomware, detailing TTPs, IOCs, and a shift from double extortion to data-theft-only attacks targeting healthcare and…
HIGHPro-Russia Hacktivists Target US Critical Infrastructure
CISA warns pro-Russia hacktivists are conducting opportunistic attacks against US and global critical infrastructure, targeting OT and IT systems with known exploits.
HIGHItron Breach: Utility Firm Discloses Internal IT Network Intrusion
Itron disclosed a cybersecurity incident in an SEC 8-K filing: an unauthorized third party accessed internal IT systems.
HIGHIran Conflict Spills Over: Cyber Threats to Critical Infrastructure
ESET warns of increased Iranian cyber activity targeting energy, water, and transportation sectors globally as Middle East conflict escalates.
HIGHCyberattackers Weaponize Voltage Fluctuations Against Power Grids
Dark Reading reports attackers are manipulating voltage to destabilize power grids — a growing cyber-physical threat vector targeting electricity infrastructure with no patch…
Locked Shields 2026: 41 Nations Train in Largest Cyber Defense
Locked Shields 2026 involved 41 nations in the largest live-fire cyber defense exercise, testing response to critical infrastructure attacks including power grid and telecom…
HIGHSiemens SINEC NMS Authentication Bypass CVE-2026-24032 Gets 7.3 CVSS
ZDI disclosed CVE-2026-24032, a 7.3-CVSS authentication bypass in Siemens SINEC NMS that requires no authentication to exploit. Affects industrial network management systems.
CRITICALLotus Wiper Strikes Venezuelan Energy Sector in Destructive Campaign
Kaspersky discovered Lotus Wiper, a novel file wiper targeting Venezuela's energy and utilities sector since late 2025.
HIGHUK Cyber Agency Handles Four Major Incidents Weekly
The UK's NCSC reports handling four nationally significant cyber incidents per week, with most now attributed to hostile foreign states like China and Russia, up from two per week…
INFORMATIONALU.S. Coast Guard Mandate Offers Blueprint for OT Security
New U.S. Coast Guard cybersecurity rules under the Maritime Transportation Security Act mandate third-party audits, OT-specific security plans, and dedicated personnel, providing a regulatory model for critical infrastructure.
CRITICALCritical PDF Zero-Day Exploited for Months, Infrastructure Espionage Revealed
A critical zero-day vulnerability in widely used PDF software has been actively exploited for months. Concurrently, state-sponsored actors have been targeting fiber optic infrastructure for espionage.
HIGHIranian CyberAv3ngers Escalate Attacks on US Water, Industrial Infrastructure
The Iran-backed threat actor CyberAv3ngers, linked to the IRGC, has evolved from hacktivism to conducting disruptive cyber operations against US water utilities and programmable logic controllers (PLCs).
HIGHIran-Linked Hackers Target ICS/SCADA Systems in Critical Infrastructure
US Gov Warns Iran-Linked Actors Are Manipulating PLCs and SCADA Systems to Disrupt Critical Infrastructure
HIGHThousands of US Industrial PLCs Exposed to Iranian State-Sponsored Threat Actors
Nearly 4,000 Rockwell Automation PLCs in the US are directly exposed online, creating a significant attack surface for Iranian state-sponsored hackers targeting critical infrastructure.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.