Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

FBI/CISA joint advisory on PLC targeting

Public Sector Action
First reported
Last updated
Happening score
H score 44
2 unique sources, 2 articles

Summary

Hide ▲

The FBI, CISA, NSA, EPA, DOE, and CNMF issued a joint advisory warning U.S. critical-infrastructure defenders about Internet-exposed Rockwell/Allen-Bradley PLCs. The agencies said the activity has caused financial losses and operational disruptions across multiple sectors since March 2026. The advisory also tells operators to disconnect PLCs from the Internet, harden access, and review logs for suspicious OT activity.

Related Happenings

US government warning on Iran-affiliated critical infrastructure disruption risk

Public Sector Action
First: 18.05.2026 18:41 Last: 18.05.2026 18:41 Sources 1

About this happening: The **US government** warned that **Iran-affiliated threat actors** were disrupting **US critical infrastructure** through attacks on **Internet-exposed OT devices** across **mult...

Open Happening

UK government FCA Bank of England and **CMORG** Issued a statement urging firms to actively manage frontier AI cyber risks and strengthen defenses for **May 15** and ongoing

Public Sector Action
First: 18.05.2026 12:00 Last: 18.05.2026 12:00 Sources 1

About this happening: The **UK government**, **FCA**, and **Bank of England** issued a **May 15** statement telling **UK financial services firms** to actively manage **frontier AI** cyber risks, becau...

Open Happening

CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182

Public Sector Action
First: 15.05.2026 08:28 Last: 15.05.2026 08:28 Sources 1

About this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...

Open Happening

Municipal water and drainage utility provider in Mexico hit by network compromise

Incident
First: 07.05.2026 17:00 Last: 07.05.2026 17:00 Sources 1

About this happening: A **municipal water and drainage utility provider in Mexico** suffered a **significant IT compromise** that escalated into an attempted attack against **OT infrastructure**, raisi...

Open Happening

CISA releases CI Fortify guidance for critical infrastructure resilience

Public Sector Action
First: 05.05.2026 15:00 Last: 05.05.2026 15:00 Sources 1

About this happening: CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...

Latest development: 06.05.2026 16:15

CISA launched CI Fortify on Tuesday as a planning framework for critical infrastructure operators in water, energy, transportation and communications to prepare for cyber disruption by disconnecting OT systems from third-party and business networks, maintaining essential services in degraded communications conditions, and recovering compromised systems through backups, component replacement, or a transition to manual operations.

Open Happening

Timeline

  1. 07.04.2026 21:02 2 articles · 1mo ago

    US agencies issue PLC-targeting advisory

    Initial Disclosure

    FBI, CISA, NSA, EPA, DOE, and CNMF issued a joint advisory warning U.S. critical-infrastructure organizations that Iranian-linked hackers were targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on OT networks, including Government Services and Facilities, Water and Wastewater Systems, and Energy sectors; the advisory says the campaign caused financial losses and operational disruptions since March 2026 and involved extraction of device project files plus manipulation of HMI and SCADA display data.

    Show sources
    Open in new tab