IoT/OT
IoT/OT security, industrial control systems, embedded devices
50 items tagged #iot-ot
Articles
M6PLUS Bluetooth protocol lacks replay protection; POC released for CVE-2026-4583.
Masjesu botnet emerges as DDoS-for-hire service targeting IoT devices globally via Telegram.
FBI disrupts Russian GRU campaign hijacking routers via DNS attacks for espionage.
Iranian threat actors disrupted US critical infrastructure by compromising exposed programmable logic controllers.
Masjesu DDoS botnet targets IoT devices across Vietnam, Brazil, India, Iran, Kenya, and Ukraine.
US disrupts Russian APT28 espionage operation using hacked routers for DNS hijacking and AitM attacks.
Iran-linked hackers disrupt U.S. critical infrastructure by targeting internet-exposed PLCs.
US government warns of Iranian state-sponsored threat actors targeting industrial PLCs.
Iran-linked hackers disrupt US critical infrastructure via PLC and SCADA attacks.
CVE-2026-28286 privilege escalation in ZimaOS allows API restriction bypass and unauthorized write access.
Iran-linked hackers sabotage US energy and water infrastructure via compromised industrial control devices.
CVE-2026-23398 Linux kernel ICMP DoS vulnerability disclosed with public PoC.
FBI releases joint advisory on Iranian cyber actors exploiting PLCs in US critical infrastructure.
US agencies warn of Iranian APT targeting internet-exposed industrial control systems.
Iranian APT actors breach U.S. energy and water infrastructure OT devices, disrupt PLCs.
UK NCSC exposes APT28 exploiting vulnerable routers for DNS hijacking operations.
Mitsubishi Electric GENESIS64 and ICONICS Suite store SQL credentials in plaintext, enabling local credential
Two WHQL-signed Windows kernel drivers found with arbitrary code execution vulnerability via IOCTL.
NFC RIPPER Android toolkit advertised for NFC relay attacks on payment terminals and ATMs.
Apple releases security patch for DarkSword vulnerability affecting iOS 18.
Drift Protocol loses $280M after attacker gains Security Council admin control via multisig bypass.
US bans foreign-made consumer routers; new imports require FCC approval and disclosure of foreign influence.
Siemens SICAM 8 products vulnerable to DoS via resource exhaustion and XML parsing flaws.
Hitachi Energy Ellipse RCE vulnerability via Jasper Report deserialization flaw affects critical manufacturing systems
Yokogawa CENTUM VP contains hardcoded password vulnerability affecting manufacturing and energy sectors worldwide.
CrystalX RAT, a sophisticated malware-as-a-service, emerges with spyware, stealer, and remote access capabilities.
Critical authentication bypass in PX4 Autopilot MAVLink protocol allows unauthenticated remote shell command execution.
Anritsu Remote Spectrum Monitor critical authentication bypass affecting all versions worldwide.
Kimwolf v7 botnet adds HTTP/2 floods, Chrome spoofing, Tor C2, and blockchain RPC endpoints.
Spanish electricity company FENIE Energía suffers major breach with 430GB database leaked after failed ransom
New Android RAT 'Darkweb' marketed on cybercrime forum as most powerful hacking tool.
TP-Link patches high-severity router vulnerabilities enabling auth bypass and arbitrary command execution.
Geopolitical tensions drive state-sponsored cyber operations targeting critical infrastructure globally.
CISA alerts to critical PTC Windchill deserialization flaw CVE-2026-4681 affecting PLM software.
OpenCode Systems OC Messaging and USSD Gateway 6.32.2 contains improper access control vulnerability allowing
Critical RCE vulnerability in PTC Windchill and FlexPLM affects manufacturing sector globally.
Mirai malware evolves into 116+ variants, driving 24% botnet C2 server surge globally.
FCC bans new foreign-made home routers from US market citing national security and cyber espionage risks.
FCC bans new consumer routers made outside US citing national security risks.
TP-Link patches critical authentication bypass in Archer NX routers allowing firmware upload
FCC bans sales of new foreign-made consumer routers in US citing supply-chain and critical infrastructure risks.
Poland faced 270,000 cyberattacks in 2025, including destructive energy sector assault suspected from Russia.
Israel hijacked Iran's street cameras to track and kill Supreme Leader Khamenei in February.
CISA warns of critical unauthenticated RCE in Pharos Controls Mosaic Show Controller firmware 2.15.3.
Schneider Electric Plant iT/Brewmaxx versions 9.60+ vulnerable to Redis flaws enabling RCE and DoS.
Schneider Electric EcoStruxure Foxboro DCS deserialization flaw allows RCE via malicious project files.
Memory leak in Grassroots DICOM (GDCM) 3.2.2 allows denial-of-service via malformed files.
Biometric surveillance and smart device data collection expose Americans to privacy risks and police searches.
Gcore Radar reports 150% YoY surge in DDoS attacks with 12 Tbps peak volume in Q4 2025.
Forescout report shows routers now primary enterprise threat vector, surpassing PCs.