OT / ICS Threat Intelligence
Threats targeting operational technology, industrial control systems, SCADA, and the physical processes they manage.
Flash Briefings
Critical Unpatched RCE in Siemens RUGGEDCOM and ScadaBR — No Fix Available for Either
CISA's May 19 ICS advisories flag unauthenticated root-level code execution in Siemens RUGGEDCOM APE1808 and ScadaBR SCADA software. Neither has a patch. The ScadaBR vendor has not responded to CISA.
Volt Typhoon Activity Confirmed Across UK Water and Energy OT Networks
NCSC and Five Eyes partners have confirmed Volt Typhoon intrusions into operational technology networks in UK water treatment and regional energy distribution. The group is not causing disruption — it is waiting.
Deep Analysis
Volt Typhoon: The Long Game in Western Critical Infrastructure
A deep analysis of Volt Typhoon's objectives, methods, and targets — and what the sustained Chinese pre-positioning campaign in Western CNI means for how operators, regulators, and governments need to respond.
Commentary
A joint advisory from CISA, NCSC, and ten allied nations describes how China-linked threat actors have abandoned dedicated attack infrastructure in favour of networks of compromised home routers and IoT devices. The implication for defenders is worse than it sounds.
The OT/ICS Blind Spot: Why Your Cyber Risk Picture Is Missing Half the Picture
Most boards have a reasonable grasp of IT cyber risk. Almost none have adequate visibility into the operational technology that runs their industrial processes, utilities, and physical infrastructure. This gap is exactly what state actors are exploiting.
The Real Cost of a Critical Infrastructure Attack: Beyond the Ransom
When a critical infrastructure operator is hit, the ransom payment is usually the smallest line on the eventual damage assessment. The true costs — operational, regulatory, reputational, and systemic — are far larger and far longer-lasting.