PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

FlowGuard: Flow Matching for Identity-Independent Detection of Data-Free Model Stealing Attacks on Energy System Intrusion Detection Systems

Artificial Intelligence AI-based Intrusion Detection Systems IDS deployed in energy infrastructure are vulnerable to model theft attacks, which allow adversaries to create evasive traffic offline. Current defences against model extraction rely either on identity-bound query monitoring, which is...

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

As Trump threatens Iranian infrastructure, the US government warns that Iran has carried out its own digital attacks against US critical infrastructure...

Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps

A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology OT networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues...

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in...

Project PowerUp – Helping to keep the lights on in Ukraine in the face of electronic warfare

As Russias invasion of Ukraine entered its first winter in late 2022, nearly half of Ukraines energy infrastructure had been destroyed, leaving millions without power. The resulting energy deficit has exacerbated something that hasnt had much media attention: The effects of electronic GPS jammers...

Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals

Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles UAVs have been an integral tool used by the Ukrainian military, malware-lace...

Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure

The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates th...

Feds Allege Destructive Russian Hackers Targeted US Refineries

The Justice Department unsealed indictments against four alleged Russian hackers said to have targeted US energy infrastructure for nearly a decade...

Russia Sanctions May Spark Escalating Cyber Conflict

President Biden joined European leaders this week in enacting economic sanctions against Russia in response to its invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn these will almost certainly trigger a Russian retaliation against America and its allies,...

U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack

The ransomware attack against Colonial Pipeline's networks has prompted the U.S. Federal Motor Carrier Safety Administration FMCSA to issue a regional emergency declaration in 17 states and the District of Columbia D.C.. The declaration provides a temporary exemption to Parts 390 through 399 of t...

White House Launches Electric Industry Security Maturity Model Program

The White House has launched a new initiative designed to help companies in the electric power industry measure the maturity of their security programs against a new maturity model. The program is being run in tandem with the Department of Homeland Security and Department of Energy and is meant t...