All CosmicBytez Labs articles tagged #Critical Infrastructure, across news, security advisories, how-to guides, and projects.
The Coca-Cola Company filed an SEC 8-K disclosure after a ransomware attack on its Fairlife dairy subsidiary temporarily suspended all US production of Ultra-Filtered Milk, Core Power Protein Shakes, and Nutrition Plan beverages.
Latvia's state-owned forest management company LVM remains in recovery mode weeks after a ransomware attack that went undetected for nearly two weeks,...
Kaspersky researchers have detailed a new campaign by Armored Likho — a threat actor overlapping with Eagle Werewolf — deploying modular RATs and the...
A Microsoft Defender zero-day fuels ransomware before any patch exists; researchers dissect how syndicate groups run HR departments and tiered pricing;...
Nation-state attackers from Iran, Russia, and China are breaching water utility systems through weak passwords, exposed PLCs, and poor network...
A Chinese-speaking advanced persistent threat actor has launched targeted attacks against government entities and critical infrastructure in Southeast...
California Water Service has confirmed that Iranian hacker group Handala's cyberattack was limited to IT systems, with Mandiant's investigation finding no...
Accenture's $4.1 billion acquisition of Dragos (valued at $3.25B), runZero, and NetRise marks the largest consolidation in operational technology...
Google's Threat Intelligence Group has unmasked UNC6508, a China-linked espionage actor that silently maintained access to critical infrastructure and...
Mackay Sugar, one of Australia's largest sugar producers, is working urgently to restore harvesting and milling operations after The Gentlemen ransomware...
UK NCSC CEO Richard Horne delivered a stark warning at the RUSI Annual Security Lecture: nation-state adversaries are pre-positioning inside British...
A sustained cyberattack against Russian enterprise software provider Astral has disrupted business and government services across Russia for over a week,...
A CVSS 9.8 authentication bypass in Nefteprodukttekhnika's BUK TS-G Gas Station Automation System allows any unauthenticated attacker to gain full...
A seventh actively exploited zero-day in Cisco SD-WAN products this year — CVE-2026-20245 — is under attack with no patch yet available from Cisco.
Over 900 US automatic tank gauge systems are exposed online with no authentication, actively targeted by attackers seeking to disrupt fuel infrastructure.
Threat actors are actively targeting Internet-exposed Automatic Tank Gauges (ATGs) at US gas stations, exploiting decades-old unprotected interfaces to…
Western intelligence officials warn that Moscow's espionage apparatus is deploying cyber spies, hackers, and recruited middlemen to steal dual-use...
A CVSS 9.8 critical vulnerability in Oracle Hospitality OPERA 5 Property Services allows unauthenticated network attackers to fully compromise hotel...
A critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager allows an unauthenticated remote attacker to bypass...
The UK's Information Commissioner's Office has fined South Staffordshire Water Plc and its parent company £963,900 ($1.3 million) after a cyberattack...
West Pharmaceutical Services, a global manufacturer of drug delivery systems and packaging, has taken systems offline worldwide after hackers exfiltrated...
A critical CVSS 9.8 hard-coded credentials vulnerability in Dell ECS and ObjectScale allows unauthenticated local attackers to gain full filesystem access...
The UK's Information Commissioner's Office fined South Staffordshire Water nearly £1 million after the Cl0p ransomware group maintained undetected access...
A critical OS command injection flaw in Universal Robots PolyScope Dashboard Server (CVSS 9.8) allows unauthenticated attackers to execute arbitrary...
A critical SQL injection vulnerability in NASA's Earth Observing System Data and Information System MODAPS v8.1 allows unauthenticated attackers to...
Itron, Inc. has disclosed a cybersecurity incident via SEC Form 8-K in which an unauthorized third party accessed certain internal systems at the utility...
Cybersecurity researchers at Darktrace have identified ZionSiphon, a new malware specifically designed to target Israeli water treatment and desalination...
A critical vulnerability in a programmable logic controller allows unauthenticated network attackers to brute force weak passwords and gain full...
More than 18 months after a ransomware attack crippled hospitals in South East London, at least one NHS trust is still operating without fully restored...
SecurityWeek reports that the Medusa ransomware group has developed a dangerous capability: rapidly weaponizing newly disclosed vulnerabilities —...
Microsoft has raised the alarm over Medusa ransomware's unprecedented operational speed, with the group now exploiting zero-day vulnerabilities before...
The accidental exposure of Anthropic's Claude Code source code via an npm packaging error is the latest reminder that software supply chains need...
This week's security stories you may have missed: a ChatGPT conversation data leak, a new Android rootkit on Google Play, a municipal water facility taken...
A critical CVSS 9.8 vulnerability in the MAVLink drone communication protocol allows unauthenticated attackers to send arbitrary SERIAL_CONTROL commands —...
Hours after the FBI confirmed that Iranian hackers gained access to Director Kash Patel's personal email account, the U.S. State Department reissued a $10...
A critical CVSS 9.8 stack-based buffer overflow in Delta Electronics COMMGR2 allows unauthenticated remote code execution, posing severe risk to...
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...
A critical unauthenticated RCE vulnerability in International Datacasting Corporation's SFX Series satellite receivers allows attackers to execute...
Google's Threat Intelligence Group dismantles UNC2814, a China-linked operation that deployed a novel backdoor called GRIDTIDE abusing Google Sheets API...
During Operation 'Roar of the Lion,' a coordinated cyber offensive knocked Iran's internet connectivity down to just 4% of normal traffic, blacking out...
Technical documents leaked from a malware-infected developer device expose a Chinese military-linked training platform that replicates the critical...
A CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN has been exploited since at least 2023. CISA issues Emergency Directive ED 26-03 as all Five...
A ransomware attack detected February 19 has taken down UMMC's EPIC EMR system and forced all 35 health clinics across Mississippi to close, canceling...
Advantest Corporation, the world's leading manufacturer of semiconductor test equipment supplying companies like TSMC, Intel, and Samsung, disclosed a...
A partial DHS shutdown since February 14 has furloughed 1,453 of CISA's 2,341 employees, halting vulnerability scanning, threat advisories, and critical...
The Qilin ransomware group has compromised Romania's national oil pipeline operator Conpet, exfiltrating over 1 TB of data including passports, internal...
Palo Alto Unit 42 reveals a state-aligned group designated TGR-STA-1030 compromised government and critical infrastructure targets in 37 countries using...
Dragos and Mandiant report a 112% increase in cyberattacks targeting energy, water, and transportation systems in the first quarter of 2026, with...
Cisco Talos uncovers a seven-component Linux framework called DKnife that compromises routers to intercept credentials, replace downloads with trojans,...
Ransomware attacks against healthcare organizations have increased 67% in the first month of 2026, with multiple hospital systems reporting service disruptions.
CISA has issued an emergency directive requiring federal agencies to mitigate Ivanti Connect Secure vulnerabilities within 48 hours as active exploitation...