Tag: critical-infrastructure

CISA Adds Google Dawn CVE to KEV as North Korean APT UNC1069 Claims Axios Supply Chain Attack

CISA confirmed active exploitation of a use-after-free vulnerability in Google Dawn by adding it to the KEV catalog. Meanwhile, Google attributed the recent Axios npm supply chain compromise to North Korean threat group UNC1069, while ransomware operators continue targeting critical infrastructure including water treatment facilities.

Apr 2, 2026Security Affairs, The Record

cisa-kevgoogle-dawnnorth-korea

🇺🇸Google

highIndustry & Policy

Healthcare Under Siege: LatAm Government Attacks Rise as CNI Faces Million-Dollar Downtime Costs

Healthcare systems must rehearse ransomware response as Latin American governments experience surging cyberattacks targeting critical sectors. Critical infrastructure providers face potential £5 million downtime costs from operational technology attacks.

Apr 2, 2026Dark Reading, Infosecurity Magazine

ransomwarehealthcarelatin-america

🏴Play

🇺🇸Google

informationalIndustry & Policy

Environmental Policy Decision Raises Questions for Critical Infrastructure Security

The U.S. has granted oil industry exemptions from certain environmental protections citing national security concerns. This highlights ongoing tensions between operational security requirements and regulatory compliance in critical infrastructure sectors.

Apr 1, 2026Hacker News (filtered)

critical-infrastructureenergy-sectorregulatory-policy

highNation-State & APT

Red Menshen APT Deploys Enhanced BPFdoor Malware Against Global Telecommunications Infrastructure

Chinese APT group Red Menshen has enhanced its BPFdoor malware with sophisticated evasion capabilities specifically targeting global telecommunications infrastructure. The upgraded malware defeats traditional cybersecurity protections, leaving telecommunications providers with limited defensive options beyond active threat hunting.

Mar 28, 2026Dark Reading

red-menshenbpfdoortelecommunications

highNation-State & APT

APT Activity Roundup: Iran-Linked Energy Targeting, Major DeFi Breach, and Critical Infrastructure Vulnerabilities

Iranian threat actors are actively targeting Middle East energy infrastructure while QNAP addressed critical SD-WAN vulnerabilities demonstrated at Pwn2Own Ireland 2025. A major DeFi platform breach resulted in $24.5 million stolen, and education company Kaplan disclosed a breach affecting over 230,000 individuals.

Mar 24, 2026Security Affairs, The Record, Palo Alto Unit 42

iran-aptenergy-sectordefi-breach

🇺🇸Google

criticalIndustry & Policy

Weekly Threat Brief: March 15-22, 2026 — Supply Chain Attacks and Zero-Day Exploitation Surge

Supply chain attacks compromised major security tools including Trivy scanner and AppsFlyer SDK while Russian APTs actively exploited zero-days in iOS, Cisco firewalls, and Zimbra. Critical infrastructure faced sustained assault from ransomware groups and state actors.

Mar 22, 2026Black Temple Weekly Digest

weekly-roundupthreat-intelligencesupply-chain-attacks

🇰🇵Lazarus🏴Lapsus$🇨🇳Winnti

🇺🇸Meta Platforms🇦🇪Telegram🇺🇸Google🇺🇸Oracle Data Cloud🇺🇸Snap Inc

highMalware & Threats

WorldLeaks Ransomware Group Strikes Los Angeles Metro System, Forces Emergency Shutdown

The WorldLeaks ransomware group successfully breached Los Angeles Metro's internal systems, forcing an emergency shutdown of the public transit network. Two Bay Area municipalities simultaneously declared local emergencies following separate but potentially coordinated ransomware attacks.

Mar 22, 2026Security Affairs

ransomwarecritical-infrastructurepublic-transportation

highIndustry & Policy

Ransomware Devastates Oceania Healthcare While New Threats Target Critical Infrastructure

Healthcare systems across Australia, New Zealand, and Tonga face ransomware attacks from the INC group while Chinese state-backed actors shift focus to Qatar amid regional tensions. Supply chain attacks compromise GitHub Actions and new malware variants target HR departments with EDR evasion capabilities.

Mar 12, 2026Dark Reading, Infosecurity Magazine

ransomwarehealthcaresupply-chain

🏴INC Ransom

🇺🇸Google

mediumPrivacy & Surveillance

Dutch Defense Secretary Proposes Jailbreaking F-35 Jets to Reduce US Software Dependency

The Dutch Defense Secretary has proposed jailbreaking F-35 fighter jets to accept third-party software, reflecting growing international concerns about dependency on US-controlled maintenance and software updates for critical defense systems.

Mar 10, 2026Schneier on Security

supply-chaindefense-systemsjailbreaking

criticalIndustry & Policy

Weekly Threat Brief: March 1-8, 2026 — AI Weaponization and Kinetic-Cyber Convergence

Iranian APTs deploy AI-generated malware and compromise critical infrastructure including prayer apps for psychological operations. Six critical vulnerabilities face active exploitation while cyber-kinetic warfare tactics proliferate across multiple theaters.

Mar 8, 2026Black Temple Weekly Digest

weekly-roundupthreat-intelligenceai-weaponization

🏴Transparent Tribe🇮🇷MuddyWater🏴Phobos🇷🇺APT28🏴Play

🇺🇸LexisNexis🇨🇳Hikvision🇦🇪Telegram🇺🇸Google

criticalMalware & Threats

Critical Infrastructure Under Fire: AWS Drone Strikes, Android Zero-Day, and AI-Powered Attack Tools

Physical attacks on AWS infrastructure in the Middle East caused extensive cloud service outages, while Google patched an actively exploited Qualcomm zero-day affecting Android devices. Multiple major data breaches and the weaponization of AI security tools highlight escalating threat landscape complexity.

Mar 3, 2026BleepingComputer, Cisco Talos

awszero-dayransomware

🇺🇸Amazon🇺🇸Google

criticalIndustry & Policy

Weekly Threat Brief: Feb 23 - Mar 2, 2026 , Critical Infrastructure Under Active Exploitation

A three-year-old Cisco SD-WAN zero-day under active exploitation headlines a week of critical infrastructure vulnerabilities, while nation-state actors increasingly weaponize AI tools and geopolitical tensions drive cyber escalation.

Mar 2, 2026Black Temple Weekly Digest

weekly-roundupthreat-intelligencecritical-infrastructure

🏴ShinyHunters🇮🇷MuddyWater🇷🇺APT28