ICS/OT vulnerability disclosures and industrial targeting surged in 2025
Target Trend
Summary
Hide ▲
Show ▼
Industrial control system and OT vulnerability disclosures surged in 2025, reaching 2,451 across 152 vendors and nearly doubling the prior year’s total. The increase matters because cybercriminals and hacktivists are concentrating on HMI and SCADA environments that underpin critical operations. That combination expands operational risk for sectors that rely on industrial technology, including manufacturing and healthcare.
Related Happenings
CISA KEV remediation lag is widening as exploit timelines shrink
Target Trend
First: 10.04.2026 17:01
Last: 10.04.2026 17:01
Sources 1
About this happening:
**CISA KEV** remediation lag is widening across **10,000 organizations**, leaving enterprise exposures open longer than attackers need to weaponize them. Critical vulnerabilities...
CISA KEV remediation lag is widening as exploit timelines shrink
Target TrendAbout this happening: **CISA KEV** remediation lag is widening across **10,000 organizations**, leaving enterprise exposures open longer than attackers need to weaponize them. Critical vulnerabilities...
2025 Decline in physically impactful OT attacks
Target Trend
First: 26.03.2026 22:33
Last: 26.03.2026 22:33
Sources 1
About this happening:
**Physically impactful OT attacks** fell to **57 in 2025**, reversing a **year-over-year decline** that matters for critical infrastructure defenders. The total was down from **76...
2025 Decline in physically impactful OT attacks
Target TrendAbout this happening: **Physically impactful OT attacks** fell to **57 in 2025**, reversing a **year-over-year decline** that matters for critical infrastructure defenders. The total was down from **76...
Electrum and Kamicite destructive OT/ICS campaign
Campaign
First: 17.02.2026 23:31
Last: 17.02.2026 23:31
Sources 1
About this happening:
A **2025 destructive campaign** tied to **Electrum** and **Kamicite** combined **persistent scanning** with attacks that could disrupt industrial and communications infrastructure...
Electrum and Kamicite destructive OT/ICS campaign
CampaignAbout this happening: A **2025 destructive campaign** tied to **Electrum** and **Kamicite** combined **persistent scanning** with attacks that could disrupt industrial and communications infrastructure...
Poland's energy sector hit by network compromise
Incident
First: 17.02.2026 23:31
Last: 17.02.2026 23:31
Sources 1
About this happening:
A **wiper attack** hit **Poland's energy sector** on **Dec. 29 and 30, 2025**, damaging OT visibility and firmware across **more than 30 renewable energy farms** and other facilit...
Poland's energy sector hit by network compromise
IncidentAbout this happening: A **wiper attack** hit **Poland's energy sector** on **Dec. 29 and 30, 2025**, damaging OT visibility and firmware across **more than 30 renewable energy farms** and other facilit...
CISA adds four actively exploited flaws to KEV with FCEB deadlines
Public Sector Action
First: 13.02.2026 10:34
Last: 13.02.2026 10:34
Sources 1
About this happening:
CISA added **four vulnerabilities** to the **Known Exploited Vulnerabilities (KEV) catalog** after evidence of **active exploitation**, putting **FCEB agencies** on a forced remed...
CISA adds four actively exploited flaws to KEV with FCEB deadlines
Public Sector ActionAbout this happening: CISA added **four vulnerabilities** to the **Known Exploited Vulnerabilities (KEV) catalog** after evidence of **active exploitation**, putting **FCEB agencies** on a forced remed...
Timeline
-
15.01.2026 17:00 3 articles · 4mo ago
Cyble publishes 2025 ICS/OT threat findings
Technical Analysis UpdateCyble's Annual Threat Landscape Report 2025, published on January 15, 2026, quantified a 2025 surge in industrial control system and operational technology exposure, including 2,451 ICS vulnerability disclosures across 152 vendors, an August spike of 802 disclosures, and increased targeting of exposed human-to-machine interfaces (HMIs) and supervisory control and data acquisition (SCADA) systems by cybercriminals and hacktivists.
Show sources
- Cyber Threat Actors Ramp Up Attacks on Industrial Environments — www.infosecurity-magazine.com — 15.01.2026 17:00
- Cyber Threat Actors Ramp Up Attacks on Industrial Environments — www.infosecurity-magazine.com — 15.01.2026 17:00
- Industrial Control System Vulnerabilities Hit Record Highs — www.infosecurity-magazine.com — 19.02.2026 15:00