Find notable cyber news and cases, enriched with sources, timelines, and signals.

Pro-Russia hacktivist OT intrusion campaign against US critical infrastructure

Campaign
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

A coordinated pro-Russia hacktivist campaign is exploiting exposed virtual network computing connections and weak passwords to breach operational technology (OT) systems across US critical infrastructure, creating disruption risk and, in some cases, physical impacts. The activity is tied to groups including Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057(16), and Sector16, and has affected water treatment, food production, and energy operators. The operators rely on simple reconnaissance, password guessing, and internet-facing human-machine interfaces to gain access.

Related Happenings

Automatic tank gauge (ATG) systems ongoing attacks

Exploitation Wave
H score25 First: 05.06.2026 17:50 Last: 05.06.2026 17:50 Sources 1

About this happening: **Over 900 internet-exposed ATG systems** across the United States are being targeted in **ongoing attacks**, creating risk of **alert tampering**, **fuel or chemical leaks**, and...

CISA automatic tank gauge system mitigations

Advisory/Mitigation
H score20 First: 02.06.2026 15:00 Last: 02.06.2026 15:00 Sources 1

About this happening: **CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...

Iranian hackers' ATG cyberattack campaign

Campaign
H score37 First: 18.05.2026 18:41 Last: 18.05.2026 18:41 Sources 1

About this happening: Iranian threat groups launched a **barrage of cyberattacks** after the conflict began, broadening pressure on **US gas-station fuel-monitoring systems** and signaling continued ri...

Russian state-linked hybrid cyber campaign targeting Denmark

Campaign
H score23 First: 19.12.2025 14:28 Last: 19.12.2025 14:28 Sources 1

About this happening: The **Russian state-linked** campaign against **Denmark** escalated with a destructive **water-utility attack** and **DDoS assaults** tied to **November's local elections**, raisi...

CISA-led joint cybersecurity advisory for critical infrastructure

Public Sector Action
H score39 First: 09.12.2025 14:00 Last: 09.12.2025 14:00 Sources 1

How related: According to a new report by CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and other national and international partners, the attacks are part of a surge in low-skilled but disruptive intrusions affecting entities in water treatment, food production and energy in the US.

About this happening: **CISA**, **FBI**, **NSA**, **DOE**, **EPA**, **DC3**, and global partners issued a **joint cybersecurity advisory** urging **critical infrastructure organizations** to act immedi...

Timeline

  1. 10.12.2025 18:00 2 articles · 7mo ago

    CISA-led advisory on pro-Russia OT intrusions

    Initial Disclosure

    CISA, the FBI, the NSA, and partners warned that loosely organized pro-Russia hacktivist groups are exploiting exposed virtual network computing connections and weak credentials to breach operational technology systems at US water treatment, food production, and energy entities, using simple reconnaissance tools, common password-guessing techniques, and internet-facing human-machine interfaces; affected operators have seen temporary loss of view, altered parameters, disabled alarms, restarted devices, and costly manual recovery, and the advisory urges reduced public internet access to OT assets, stronger authentication including MFA, network segmentation, strict firewall policies, updated software, and contingency plans for rapid manual operation.

    Show sources