Energy sector cybersecurity is a matter of national security, with power grids, pipelines, and utility systems representing critical infrastructure targets for nation-state actors. Industrial control systems and operational technology in energy environments face specialized threats. defend.network tracks threats to the energy sector including ICS/SCADA vulnerabilities, nation-state targeting, and regulatory developments.
IronWorm and Miasma worms actively distributed via 50+ poisoned npm packages; WordPress Everest Forms Pro (CVE-2026-3300) exploited for RCE on 4,000 sites; SolarWinds Serv-U flaw weaponized for DoS; 900+ US fuel tank gauges exposed and under attack.
Google Gemini voice assistant hijackable via poisoned notifications; Microsoft 365 Android apps leak tokens; Redis RCE (CVE-2026-23479) patched; critical fuel tank systems under active attack.
Critical BitLocker zero-days with public PoCs, Microsoft Exchange APT exploitation, Canvas ransomware attack on education sector, and Foxconn manufacturing compromise create immediate operational risks across multiple industries.
Critical supply chain attacks via malicious Docker images and npm worms, state-sponsored credential theft campaigns targeting Microsoft Office, and destructive Lotus Wiper malware deployed against Venezuelan energy infrastructure require immediate response across all organizations.
Critical threats span Iranian PLC targeting, Russian token harvesting, Marimo RCE exploitation within 10 hours, and GlassWorm IDE infections. Immediate patching and detection deployment required.
This week's verified threat landscape is dominated by three actively exploited vulnerabilities affecting web platforms and infrastructure. CVE-2026-48172 in LiteSpeed cPanel Plugin poses immediate ris
This week presents an exceptionally high-risk threat landscape with multiple critical vulnerabilities under active exploitation across infrastructure, enterprise, and open-source ecosystems. Immediate
This week marks a significant surge in actively exploited vulnerabilities, with three critical flaws requiring immediate patching across IT infrastructure and OT systems. The Ollama out-of-bounds read
This week presents an exceptionally high-risk threat landscape dominated by active exploitation campaigns and critical infrastructure vulnerabilities. Federal agencies face an immediate Sunday deadlin
This week presents elevated risk from actively exploited vulnerabilities across network infrastructure, IoT devices, and enterprise software. Immediate patching is required for Cisco Firepower/ASA dev
This week presents elevated risk across OT/ICS sectors with multiple critical RCE vulnerabilities in industrial control systems and emerging threats to cloud infrastructure. Active exploitation of Mic
This week presents an elevated threat landscape dominated by actively exploited critical vulnerabilities in both IT and OT environments. Iranian-affiliated threat actors are actively targeting US crit
This week presents elevated risk with five critical vulnerabilities actively exploited in the wild, including FortiClient EMS and video conferencing systems requiring immediate patching. Organizations
This week reflects sustained critical threats across OT/ICS and enterprise systems with multiple actively exploited vulnerabilities. F5 BIG-IP APM (CVE-2025-53521) and Citrix NetScaler (CVE-2026-3055)