Report: US accounts for most PLCs subjected to Iranian targeting
Almost 3,900, or nearly 75%, of 5,219 internet-exposed Rockwell Automation/Allen-Bradley programmable logic controllers used in critical infrastructure entit...
Manufacturing
20 articles
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
The attack surface targeted by Iranian-linked hackers in cyberattacks against U.S.
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular C...
The Good, the Bad and the Ugly in Cybersecurity – Week 15
FBI disrupts GRU router hijacking operation, ClickFix sidesteps Apple's Terminal mitigation, and Iranian actors exploit PLCs across U.S.
Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI
See how you can use Tenable Hexa AI to determine in minutes if you’re impacted by the Axios npm supply chain attack. Learn how easy it is to automate configu...
Iranian APT alert: 5,219 Rockwell PLCs exposed online
Censys has warned that more than 5,000 Rockwell Automation/Allen-Bradley PLCs are currently exposed to the internet as Iranian-affiliated APT actors actively...
MITRE Releases Fight Fraud Framework
The document provides a behavior-based model of the tactics and techniques employed by fraudsters. The post MITRE Releases Fight Fraud Framework appeared fir...
GlassWorm Trojan Hits VS Code, Cursor, Windsurf via OpenVSX Extension
A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace...
Why is the timeline to quantum-proof everything constantly shrinking?
Experts say advancements in hardware, mathematics and growing fear of Chinese scientific breakthroughs are pushing Google and others to call for speedier mig...
Internet-exposed Modbus ICS devices threaten critical infrastructure
Internet-facing industrial control devices connected to the default Modbus port, commonly used by power grids and other industrial systems, reached 179 acros...
Misconfiguration spills over 40M SMTP records linked to major firms
Cybernews reports that more than 40 million SMTP records, including email addresses and traffic metadata from leading corporations DHL, L'Oreal, Renault, and...
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs acro...
STX RAT Targets Finance Sector With Advanced Stealth Tactics
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods
Weak at the seams
Before I ever held a security title, I was a software engineer implementing vertically integrated automation systems for industrial manufacturing, warehouse-...
Contemporary Controls BASC 20T
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the ...
Weak at the seams
Before I ever held a security title, I was a software engineer implementing vertically integrated automation systems for industrial manufacturing, warehouse-...
Internet-Exposed ICS Devices Raise Alarm for Critical Sectors
Exposed ICS devices and insecure protocols like Modbus increase risks to critical infrastructure, enabling disruption, data access, and potential sabotage.
Hackers use pixel-large SVG trick to hide credit card stealer
A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector ...
TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)
This is the seventh update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the We...
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that turns stolen Microsoft 365 tokens and AI into an end‑to‑end factory for Business Email Compro...