#critical infrastructure
15 stories taggedcritical infrastructure.

CISA Flags Three Daktronics Controller Flaws That Could Let Attackers Hijack Highway Signs
A researcher found the vulnerabilities in controllers widely used to drive digital billboards and roadway message signs. Exploitation could mean someone else controls what drivers read.

TinyRCT Backdoor Surfaces in CL-STA-1062 Intrusions Across Southeast Asia
Palo Alto Networks ties the previously undocumented implant to a Chinese-speaking cluster targeting state-owned energy and government entities.

ASIO Found State Hackers Pre-Positioned for Sabotage Inside Australian Critical Infrastructure
Australia's domestic intelligence agency says a foreign state actor had stolen valid credentials from IT staff at a critical infrastructure operator — and was staging for disruption, not just espionage.

ICS Security's 25-Year Reunion Is Headed to Nashville
The Industrial Control Systems Cybersecurity Conference marks a quarter-century in October 2026, touching down at the W Nashville for three days of OT threat intelligence.

Iranian Group Handala Claimed It Could Poison California's Water. Forensics Say Otherwise.
California Water Service brought in Mandiant after Handala threatened disruption. Investigators found no evidence the group ever touched operational technology.

Accenture Moves to Acquire Dragos, runZero, and NetRise in $4.1 Billion OT Security Consolidation
The deal values Dragos alone at $3.25 billion. runZero and NetRise would fold under the Dragos umbrella post-close.

Corporate Cyber Readiness Is a Compliance Exercise. The Military Treats It as Combat.
Enterprise incident response still runs on annual tabletops and audit checkboxes. That gap between posture and practice is exactly what attackers count on.

How Ukraine Turned a Nation-State Cyberwar Into a Masterclass in Operational Resilience
Former foreign minister Dmytro Kuleba details how pre-planned contingencies — not ad-hoc crisis management — kept Ukrainian government and business functions alive under sustained Russian attack.

Fuel, Chemicals, Food: CISA Warns ATG Attacks Can Drain Tanks Silently
Hardcoded credentials and unauthenticated command execution leave automated tank gauges wide open. The fix list is embarrassingly short.

900+ Fuel Tank Gauges Still Hanging Off the Public Internet
ATG systems in gas stations, hospitals, and military sites are exposed to known CVEs — and nobody owns the patch cycle.

Feds Sound Alarm on Exposed Fuel Tank Gauges as Hackers Probe Critical Infrastructure
CISA, FBI, NSA and DOE say internet-facing ATG systems at fuel depots, hospitals and military sites are being scanned and hit. The fix is mostly operator hygiene.

Project Glasswing Expands: 150 More Companies Join AI Vulnerability Initiative
Anthropic's AI-driven bug-hunting project adds critical infrastructure partners, but the patching bottleneck looms.

Trump Signs AI Cybersecurity Order, Reviving the Pre-Release Review Provisions His Team Killed Two Weeks Ago
The new directive creates a voluntary framework for government review of frontier AI models and spins up a Treasury-led vulnerability clearinghouse — while going out of its way to say none of this is mandatory.

Russia's Tech Embargo Run-Around: Shell Companies, Middlemen, and Embedded Spies
Western sanctions were supposed to starve Moscow's military-industrial base of critical components. Instead, Russian intelligence built a procurement machine to go get them anyway.

AI-Driven OT Security Is Only as Good as the Telemetry Feeding It
Fewer than 10 percent of OT networks have meaningful monitoring in place, according to the 2026 Dragos OT Cybersecurity Year in Review. Until that changes, layering machine-learning tools on top of industrial control systems may create more risk than it resolves.