Critical Infrastructure Under Siege as Supply Chain Attacks and Zero-Days Rattle Global Defenses

Publication Date: April 11, 2026

Summary

Over the past 24 hours, the cybersecurity landscape has been dominated by a surge in state-sponsored attacks targeting US critical infrastructure, with Iran-linked actors exploiting internet-exposed PLCs. Simultaneously, major supply chain compromises have rocked the open-source ecosystem, with tools like Trivy and Axios being poisoned. Healthcare remains a key target, evidenced by a crippling ransomware attack on EHR provider ChipSoft and a sensitive data breach at Hims & Hers. Meanwhile, active exploitation of Ivanti zero-days and new warnings about insecure building management systems highlight the expanding attack surface for enterprises globally.

Today's New Articles

Smart Buildings, Dumb Security: Claroty Warns New Standard Exposes BMS to Remote Attack

Research from Claroty's Team82 has uncovered significant cybersecurity risks stemming from the adoption of the CEA-852 standard, which connects traditionally isolated Building Management Systems (BMS) to IP networks. The standard, which allows legacy protocols...


Hundreds of Unauthenticated ICS Devices, Including for Power Grids, Found Exposed Online

New research from Comparitech reveals a startling lack of security in critical infrastructure, with at least 179 industrial control system (ICS) devices found exposed to the internet without any authentication. These devices, using the insecure-by-design Modbu...


Citizen Lab Uncovers 'Webloc' - A Global Surveillance Tool Using Ad Data to Track Phones

A new report from the University of Toronto's Citizen Lab has exposed a global geolocation surveillance system named "Webloc." Developed by the Israeli firm Cobwebs Technologies, the tool leverages data from the digital advertising ecosystem to track the locat...


GlassWorm Campaign Evolves, Uses Zig-Based Dropper to Infect All Developer IDEs

The ongoing GlassWorm cyber-espionage campaign has adopted a new, sophisticated tool: a dropper written in the Zig programming language. This new malware component was discovered hidden within a malicious Open VSX extension masquerading as a legitimate WakaTim...


Hacking Group 'FlamingChina' Claims 10 Petabyte Military Data Heist from Chinese Supercomputer

A previously unknown hacking entity calling itself 'FlamingChina' has claimed responsibility for a colossal data breach targeting a Chinese supercomputer. The group alleges it has stolen 10 petabytes of highly sensitive military data and is now offering it for...

Article Updates

Global Takedown Disrupts 'Tycoon 2FA' Phishing Service That Bypassed MFA for 100k Orgs

Update: Google Chrome has begun rolling out Device Bound Session Credentials (DBSC) in Chrome 146 for Windows. This new security feature cryptographically binds an authentication session to a specific device, rendering stolen session cookies useless to attackers. DBSC...


Hims & Hers Data Breach: ShinyHunters Steals Support Tickets via Compromised Zendesk Access

Update: The initial report stated that medical records were not compromised. However, new information confirms that the breach exposed highly sensitive Protected Health Information (PHI), including specific medical details related to conditions like erectile dysfuncti...


EU Commission Data Breach Linked to Trivy Supply Chain Attack by TeamPCP Hackers

Update: The update confirms that 71 EU institutions were impacted, explicitly naming the European Medicines Agency (EMA), European Banking Authority (EBA), and notably, ENISA (the EU Agency for Cybersecurity), which escalates the incident's significance. A more precis...


CISA Mandates Federal Agencies Patch Actively Exploited Ivanti EPMM Flaw by April 11

Update: New analysis reveals attackers are chaining two zero-day vulnerabilities in Ivanti EPMM: an authentication bypass followed by a code injection, to achieve unauthenticated remote code execution. Post-exploitation activities now include the deployment of webshel...