News Summary week 14, 2026

CISA published five ICS advisories headlined by critical authentication-bypass flaws in the PX4 drone autopilot and Anritsu spectrum monitors, while actively exploited vulnerabilities in F5 BIG-IP APM and Hitachi Energy Ellipse prompted urgent patching—and a ransomware attack on Minot, North Dakota’s water treatment plant underscored the escalating threat to municipal water infrastructure.
Tags: threat-intelligence, ICS, CPS, automotive, medical-devices

Published April 4, 2026

Executive Summary

This week saw five new CISA ICS advisories spanning drone flight controllers, RF spectrum monitors, substation automation, distributed control systems, and energy asset management—including a critical Hitachi Energy Ellipse deserialization flaw under active exploitation. F5 reclassified a BIG-IP APM vulnerability from denial-of-service to pre-authentication remote code execution after discovering active exploitation in the wild, prompting both CISA and the UK’s NCSC to issue urgent patching directives. A ransomware attack on Minot, North Dakota’s water treatment plant forced 16 hours of manual operations, while the broader utility sector experienced a 630% surge in ransomware attacks from February to March 2026. The GlassWorm supply chain campaign targeting automotive developer toolchains expanded to 151 GitHub repositories, raising fundamental questions about the integrity of connected vehicle software build environments.

This report focuses on Cyber-Physical Systems (CPS), Industrial Control Systems (ICS), and critical infrastructure security.


Week of March 27 – April 3, 2026

Critical Alerts & Advisories

CISA published two ICS advisories on March 31 and three more on April 2, addressing products from Anritsu, PX4, Siemens, Yokogawa, and Hitachi Energy. On the same timeline, two high-profile vulnerabilities in network infrastructure appliances—F5 BIG-IP APM and Citrix NetScaler—were added to CISA’s Known Exploited Vulnerabilities catalog after confirmed active exploitation.

The PX4 Autopilot advisory (ICSA-26-090-02) disclosed CVE-2026-1579, a CVSS 9.8 authentication bypass in the MAVLink communication protocol used by the open-source flight controller. Because MAVLink 2.0 message signing is not enabled by default, any party with access to the communication interface can send SERIAL_CONTROL messages to execute arbitrary shell commands on drones and autonomous vehicles. The vulnerability, discovered by Dolev Aviv of Cyviation, affects Transportation Systems, Emergency Services, and Defense Industrial Base sectors. PX4 has published a security hardening guide recommending that all integrators enable MAVLink 2.0 message signing for non-USB links, but the default-insecure design means every deployed system relying on factory settings is exposed.

The companion Anritsu advisory (ICSA-26-090-01) revealed an even more fundamental problem: the MS27100A through MS27103A Remote Spectrum Monitor series has no authentication mechanism whatsoever. CVE-2026-3356, scored at CVSS 9.8, allows anyone with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. These instruments are deployed across Communications, Defense Industrial Base, Emergency Services, and Transportation Systems sectors for RF spectrum monitoring and management. Anritsu has stated it has no plans to fix the issue, instead recommending users deploy the devices within secure network environments—a mitigation that assumes a level of network segmentation many operational environments lack.

On April 2, CISA released three advisories addressing energy and process control systems. The Siemens SICAM 8 advisory (ICSA-26-092-01) covers CVE-2026-27663 and CVE-2026-27664, both rated CVSS 7.5, affecting the CPCI85, RTUM85, and SICORE modules used in substation automation. An unauthenticated attacker can trigger resource exhaustion through high-volume requests or craft malicious XML to crash the service, disrupting remote parameterization of protection and control devices in electric substations. Siemens has released version 26.10 with fixes.

The Yokogawa CENTUM VP advisory (ICSA-26-092-02) disclosed CVE-2025-7741, a hard-coded password for the PROG user account used in CENTUM Authentication Mode. While exploitation requires local access to the Human Interface Station (HIS) and the default PROG permission level is low (equivalent to OFFUSER), the vulnerability affects CENTUM VP versions R5 through R7—one of the most widely deployed distributed control systems in chemical, petrochemical, and pharmaceutical manufacturing. Yokogawa recommends switching to Windows Authentication Mode for R5 and R6, or applying patch R7.01.10.

The most operationally urgent advisory this week addresses Hitachi Energy’s Ellipse enterprise asset management platform (ICSA-26-092-03). CVE-2025-10492, a Java deserialization vulnerability in the JasperReports library component, enables remote code execution against all Ellipse versions through 9.0.50. Ellipse is used by energy utilities worldwide to manage maintenance, operations, and supply chain workflows for power generation and distribution assets. CISA’s advisory notes limited targeted exploitation has been observed, making this a priority patching item for energy sector organizations.

Beyond ICS-specific advisories, two network infrastructure vulnerabilities drew emergency attention this week. On March 27, F5 reclassified CVE-2025-53521 in BIG-IP Access Policy Manager from a denial-of-service flaw (originally disclosed October 2025 with CVSS 8.7) to a pre-authentication remote code execution vulnerability with CVSS 9.3 after obtaining “new information” about active exploitation. Attackers are deploying web shells through the vulnerability, and CISA added it to the KEV catalog with a March 30 remediation deadline for federal agencies. The UK’s National Cyber Security Centre issued a parallel advisory urging immediate patching. BIG-IP appliances function as load balancers, application delivery controllers, and access policy gateways in enterprise and critical infrastructure networks, making compromise a pivotal foothold for lateral movement into operational environments.

On March 30, CISA added CVE-2026-3055 to the KEV catalog after Citrix NetScaler ADC and Gateway appliances configured as SAML identity providers were found under active exploitation. The out-of-bounds memory read vulnerability, scored at CVSS 9.3, leaks sensitive data in a pattern reminiscent of the 2023 CitrixBleed campaign. Exploitation has been observed since at least March 27.

Automotive CPS Security

The GlassWorm supply chain campaign emerged as the most significant automotive cybersecurity development this week. VicOne published analysis warning that the campaign—which injects malicious code into developer tools used to build connected vehicle software—poses a direct threat to the integrity of automotive software development environments. Koi Security researchers documented 72 malicious extensions across 151 GitHub repositories and multiple npm packages that had been compromised by late March 2026. The attack uses invisible Unicode characters that render as nothing in code editors but instruct computers to execute commands, concealing payloads in what appear to be legitimate development tools.

The campaign’s evolution is particularly alarming. Early GlassWorm versions relied on typosquatting—registering package names mimicking popular tools. By early 2026, it had matured to compromise legitimate, trusted extensions in the Open VSX registry, with four widely used extensions silently modified to deliver payloads and collectively downloaded more than 22,000 times. Open-source package registries, CI/CD pipelines, and integrated development environments are foundational to how modern vehicle software is built, validated, and deployed via over-the-air updates. A compromise at this level could propagate malicious code into production vehicle firmware.

Separately, the U.S. Commerce Department’s connected vehicle rule reached a key milestone on March 17 when the legacy software exemption date passed. Software designed or supplied after this date for vehicle connectivity systems (VCS) and automated driving systems (ADS) now falls under prohibitions targeting components from countries of concern, primarily China and Russia. Software prohibitions take full effect for model year 2027 vehicles, with hardware prohibitions following for model year 2030. The automotive industry continues to work through supply chain restructuring to meet these requirements.

Upstream Security’s 2026 Global Automotive Cybersecurity Report, which continued to draw industry attention this week, documented that ransomware now accounts for roughly 44% of publicly reported automotive and smart mobility cyber incidents—more than double its share from the previous year. Attacks are increasingly impacting drivers directly rather than only manufacturers, with documented cases of attackers exploiting connected vehicle systems or backend platforms to interfere with vehicle access or functionality and then demand payment.

Medical Device CPS Security

The FDA posted a Class II recall of GE HealthCare’s Centricity Universal Viewer (recall Z-1569-2026) on March 16, with awareness continuing through the reporting period. The cybersecurity vulnerability in versions 7.0 through 7.0 SP2.0.1 exposes user login credentials on local client workstations, potentially allowing unauthorized individuals to impact system availability or manipulate data on this medical image viewing platform used for mammograms and other diagnostic imaging. GE HealthCare identified the vulnerability during internal testing and initiated the recall on January 30, affecting over 2,000 units worldwide. The company reports no confirmed instances of unauthorized access to patient data, noting that direct physical access to the workstation is required for exploitation.

Texas became the latest state to elevate medical device cybersecurity requirements when the Health and Human Services Commission directed all healthcare facilities to review, understand, and mitigate risks of unauthorized remote access to protected health information, effective April 1, 2026. The directive requires all hospitals, acute care facilities, and long-term care facilities to review applicable FDA cybersecurity guidance, align operational policies accordingly, assess devices for cybersecurity risks, and coordinate with manufacturers and vendors to identify and mitigate vulnerabilities. The directive is part of a broader initiative by Governor Abbott to audit Chinese-manufactured medical devices in Texas healthcare facilities.

Stryker confirmed it has fully recovered from the March 11 cyberattack attributed to the Iran-linked Handala group and is once again fully operational across its manufacturing network. While the attack disrupted order processing, manufacturing, and shipments, the company maintained that no patient-related services or connected medical products were directly affected—a distinction that has become a reference point for the medical device cybersecurity community’s ongoing discussion about the boundaries between enterprise IT compromise and patient safety impact.

Water & Wastewater Sector

A ransomware attack on the City of Minot, North Dakota’s water treatment plant, publicly disclosed in late March and detailed through early April, highlighted the persistent vulnerability of municipal water infrastructure. Staff discovered a ransom note on a SCADA-connected server on the morning of March 14. The note stated that attackers had gained access and suggested the city “tighten up your firewalls,” but did not identify the perpetrators or specify a ransom amount. City officials immediately unplugged the affected server and switched to manual operations for approximately 16 hours, with staff conducting frequent on-location checks of water gauges to ensure safe operation. Water quality and delivery to the city’s approximately 50,000 residents were never affected.

The FBI confirmed it is investigating the incident and applauded the city’s rapid response. Minot officials never communicated with the attackers and did not pay any ransom. The city delayed public disclosure for roughly two weeks after the incident, a decision made by the city manager. The attack reinforces the pattern documented by the EPA, which has cited cybersecurity flaws in approximately 70% of inspected drinking water systems: small municipal utilities with limited IT staff, aging SCADA infrastructure, and minimal network segmentation remain acutely vulnerable to opportunistic ransomware.

In a notable research development, Forescout revealed that pro-Russian hacktivist group TwoNet was caught attacking a water treatment facility that turned out to be a honeypot. The group used default credentials to access the HMI of the Forescout-operated decoy facility, then falsely claimed credit for a real-world attack on Telegram—the first confirmed instance of hacktivists claiming fabricated attacks based on honeypot access. The incident illustrates both the low sophistication of many hacktivist groups targeting water infrastructure and the value of deception technology in understanding threat actor behavior.

Energy & Power Grid

The Hitachi Energy Ellipse advisory (ICSA-26-092-03) has the most direct operational implications for the energy sector this week. Ellipse is deployed by electric utilities, oil and gas companies, and other energy organizations worldwide to manage maintenance scheduling, work orders, asset tracking, and supply chain operations. A compromised Ellipse instance could allow attackers to manipulate maintenance records, alter work order priorities, or disrupt supply chain visibility—degrading the operational reliability of energy infrastructure without directly touching control systems.

The Siemens SICAM 8 advisory affects substation automation products used to monitor and control protection relays, circuit breakers, and bay controllers in electric substations. While the denial-of-service vulnerabilities (CVE-2026-27663 and CVE-2026-27664) cannot directly manipulate physical processes, disrupting the remote parameterization and monitoring capability of substation automation during a grid event could impair operators’ ability to respond effectively.

The utility sector’s ransomware exposure reached alarming levels in March 2026. According to BlackFog’s State of Ransomware tracking, utility sector attacks surged 630% from February (3 incidents) to March (22 incidents), spanning 16 countries with six attacks in the United States alone. DragonForce ransomware claimed responsibility for an attack on Fernheizwerk Neukölln GmbH, a district heating provider in Berlin, on April 2. While heating supplies were not disrupted, accounting and internal communications were impacted. The escalation in utility-sector targeting coincides with the broader geopolitical landscape, where more than 60 Iranian-aligned cyber groups and multiple Russian-affiliated hacktivists have been actively targeting energy infrastructure since late February.

Manufacturing & Industrial

March 2026 set a new ransomware record with 780–808 victims claimed by 65 ransomware groups, and manufacturing remained the most targeted sector for the third consecutive month with 76 confirmed victims. Manufacturing attacks jumped 36% from February to March, continuing the trend documented by Dragos, which reported a 49% year-over-year surge in ransomware groups targeting industrial organizations in its 2026 OT Cybersecurity Year in Review.

Qilin ransomware emerged as the most prolific group in March, claiming 131 victims—its highest single month ever and its third consecutive month above 100 claims. Notable manufacturing targets included LISI Group, a French aerospace and automotive component manufacturer, claimed by Qilin on March 1. The continued concentration of ransomware on manufacturing reflects the sector’s operational sensitivity: production downtime directly translates to revenue loss, creating strong incentive to pay ransoms quickly.

The Cisco Catalyst 9300 Series vulnerability chain disclosed on March 25 has relevance for manufacturing networks where these enterprise switches are deployed. Researchers from Opswat Unit 515 demonstrated that CVE-2026-20114 (command injection via the WebUI Lobby Ambassador account) can be chained with CVE-2026-20110 (insufficient sanitization enabling privilege escalation to maintenance mode) to achieve denial of service on network infrastructure commonly found in converged IT/OT environments.

On April 3, Cisco patched two additional critical vulnerabilities: CVE-2026-20093 (CVSS 9.8) in the Integrated Management Controller allowing unauthenticated password changes for any user including administrators on UCS servers, and CVE-2026-20160 (CVSS 9.8) in Smart Software Manager On-Prem enabling root-level command execution through an unintentionally exposed internal API. Both affect infrastructure commonly found in manufacturing data centers and edge computing deployments.

Threat Intelligence Highlights

The Iranian cyber campaign against critical infrastructure continued to dominate the threat landscape. Palo Alto’s Unit 42 updated its Iran Cyber Risk Escalation threat brief on March 26, tracking more than 60 active Iranian-aligned threat groups. CyberAv3ngers, the IRGC-linked group that previously targeted Unitronics PLCs in U.S. water utilities, resurfaced from a period of dormancy to claim access to multiple SCADA and PLC systems in Israel. The Handala group (attributed to Iran’s MOIS) continued operations from new infrastructure despite the FBI’s March domain seizures.

The CISA Emergency Directive ED-26-03 for Cisco SD-WAN systems reached its March 23 syslog submission deadline this week. The directive, issued in response to CVE-2026-20127 (CVSS 10.0)—a zero-day authentication bypass exploited since at least 2023 by a sophisticated threat actor designated UAT-8616 by Cisco Talos—required federal agencies to inventory all SD-WAN systems, apply patches, and submit telemetry data to CISA’s Cloud Logging Aggregation Warehouse program. The vulnerability’s exploitation chain—gaining administrative access via the authentication bypass and then downgrading firmware to exploit the older CVE-2022-20775 for root privileges—demonstrates the multi-step persistence strategies employed against network infrastructure in critical environments.

The unpatched GNU inetutils telnetd vulnerability (CVE-2026-32746, CVSS 9.8) continued to pose risks to ICS and OT environments through the reporting period, with a fix expected by April 1. The 32-year-old buffer overflow, discovered by watchTowr Labs, enables pre-authentication root-level code execution via port 23 and is particularly consequential for legacy industrial systems where Telnet remains in use due to slow modernization cycles. Censys data shows approximately 3,362 exposed hosts.

Defensive Recommendations

Energy sector organizations running Hitachi Energy Ellipse should prioritize applying security updates to address CVE-2025-10492, given confirmed active exploitation. Until patched, minimize network exposure of Ellipse servers and ensure they are isolated from internet-facing networks behind firewalls.

Organizations using F5 BIG-IP APM should immediately apply fixes for CVE-2025-53521 (versions 17.5.2, 17.1.3, 16.1.7, or 15.1.11) and conduct forensic review for web shell deployment. Citrix NetScaler ADC and Gateway operators with SAML IDP configurations should apply patches for CVE-2026-3055 and review logs for indicators of memory disclosure since March 27.

Siemens SICAM 8 operators should update CPCI85, RTUM85, and SICORE modules to version 26.10 or later. Yokogawa CENTUM VP operators using CENTUM Authentication Mode should migrate to Windows Authentication Mode (R5/R6) or apply patch R7.01.10 for R7 installations.

Drone and autonomous vehicle integrators using PX4 should enable MAVLink 2.0 message signing on all non-USB communication links immediately. Organizations operating Anritsu Remote Spectrum Monitors should ensure these devices are deployed within network segments inaccessible from untrusted networks, as no vendor fix will be forthcoming.
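To make concrete what "enable MAVLink 2.0 message signing" buys a receiver, here is an added example (not PX4 or pymavlink code) that builds a MAVLink 2 frame, appends the 13-byte signature block the protocol specifies, and applies the receiver-side policy the advisory implies: drop unsigned frames, check the signature, and refuse replayed timestamps. The 32-byte key, the HEARTBEAT payload and the timestamp are constructed placeholders; CRC validation against the per-message crc_extra table is left to the normal parser.

```python
import hashlib
import hmac

MAVLINK2_STX = 0xFD
IFLAG_SIGNED = 0x01   # incompat_flags bit announcing a trailing 13-byte signature
SIGNATURE_LEN = 13    # link_id (1) + timestamp (6) + sha256_48 (6)
HEADER_LEN = 10       # STX, len, incompat, compat, seq, sysid, compid, msgid[3]

def x25_crc(data, crc=0xFFFF):
    """MAVLink's X.25 CRC (crc_accumulate), run over len..payload plus crc_extra."""
    for b in data:
        tmp = (b ^ (crc & 0xFF)) & 0xFF
        tmp = (tmp ^ (tmp << 4)) & 0xFF
        crc = ((crc >> 8) ^ (tmp << 8) ^ (tmp << 3) ^ (tmp >> 4)) & 0xFFFF
    return crc

def build_frame(seq, sysid, compid, msgid, payload, crc_extra, signed=True):
    """MAVLink 2 frame without its signature: header + payload + CRC."""
    header = bytes([MAVLINK2_STX, len(payload), IFLAG_SIGNED if signed else 0,
                    0, seq, sysid, compid]) + msgid.to_bytes(3, "little")
    crc = x25_crc(header[1:] + payload + bytes([crc_extra]))
    return header + payload + crc.to_bytes(2, "little")

def sha256_48(secret_key, frame, link_id, timestamp):
    """First 48 bits of SHA-256(key | header | payload | CRC | link_id | ts48)."""
    h = hashlib.sha256(secret_key)
    h.update(frame)
    h.update(bytes([link_id]))
    h.update(timestamp.to_bytes(6, "little"))
    return h.digest()[:6]

def sign_frame(secret_key, frame, link_id, timestamp):
    """Append link_id, the 48-bit timestamp (10 us units since 2015-01-01) and the signature."""
    sig = sha256_48(secret_key, frame, link_id, timestamp)
    return frame + bytes([link_id]) + timestamp.to_bytes(6, "little") + sig

class SigningVerifier:
    """Receiver policy: unsigned frames dropped, signature checked, replays refused."""
    def __init__(self, secret_key):
        self.secret_key = secret_key
        self.last_ts = {}  # (sysid, compid, link_id) -> highest accepted timestamp

    def verify(self, frame):
        if len(frame) < HEADER_LEN + 2 or frame[0] != MAVLINK2_STX:
            return False, "not a MAVLink 2 frame"
        if not frame[2] & IFLAG_SIGNED:
            return False, "unsigned frame rejected"
        if len(frame) != HEADER_LEN + frame[1] + 2 + SIGNATURE_LEN:
            return False, "length does not match a signed frame"
        body, sig_block = frame[:-SIGNATURE_LEN], frame[-SIGNATURE_LEN:]
        link_id = sig_block[0]
        ts = int.from_bytes(sig_block[1:7], "little")
        expected = sha256_48(self.secret_key, body, link_id, ts)
        if not hmac.compare_digest(expected, sig_block[7:]):
            return False, "bad signature"
        stream = (frame[5], frame[6], link_id)
        if ts <= self.last_ts.get(stream, -1):   # timestamps must strictly increase per stream
            return False, "stale timestamp, possible replay"
        self.last_ts[stream] = ts
        return True, "ok"

# Constructed sample: HEARTBEAT (msgid 0, crc_extra 50) signed with a placeholder key
# and a fixed timestamp; a real link uses a key provisioned out of band and the clock.
DEMO_KEY = bytes(range(32))
HEARTBEAT = bytes([0, 0, 0, 0, 2, 12, 0, 4, 3])  # custom_mode, type, autopilot, base_mode, status, version
DEMO_FRAME = sign_frame(DEMO_KEY, build_frame(0, 1, 1, 0, HEARTBEAT, 50), link_id=0, timestamp=123456789)

if __name__ == "__main__":
    v = SigningVerifier(DEMO_KEY)
    print(v.verify(DEMO_FRAME))  # (True, 'ok')
    print(v.verify(DEMO_FRAME))  # replayed copy: (False, 'stale timestamp, possible replay')
```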

Water utilities should review the Minot incident as a case study in effective manual-operations fallback procedures while strengthening SCADA network segmentation and authentication. The FBI’s investigation of the Minot attack may yield indicators of compromise relevant to other small municipal utilities.

Automotive software development teams should audit their CI/CD pipelines and development environments for GlassWorm indicators, particularly examining Open VSX extensions and npm packages for unexpected modifications. VicOne’s analysis provides specific indicators for detection.
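The GlassWorm technique described above relies on code points that draw no glyph in an editor. As an added example (not VicOne's or Koi Security's tooling, and not a published indicator list), the scanner below walks an extension or package tree and reports every invisible code point with its position, which is the first pass an automotive build team can run over Open VSX extensions and npm packages before trusting them; the flagged ranges and the sample JavaScript module are this example's own assumptions.

```python
import sys
import unicodedata
from pathlib import Path

# Code points that render as nothing in most editors but survive into the parsed
# source. Heuristic ranges chosen for this example: zero-width and joiner characters,
# bidi isolates, variation selectors, TAG characters (an invisible copy of ASCII) and
# the Hangul fillers, which Unicode classes as letters yet which draw no glyph.
INVISIBLE_RANGES = (
    (0x200B, 0x200F),    # zero-width space/non-joiner/joiner, LRM, RLM
    (0x2060, 0x2064),    # word joiner, invisible math operators
    (0x2066, 0x206F),    # bidi isolates and deprecated format characters
    (0xFE00, 0xFE0F),    # variation selectors
    (0xE0100, 0xE01EF),  # variation selector supplement
    (0xE0000, 0xE007F),  # TAG characters
    (0x3164, 0x3164),    # Hangul filler
    (0xFFA0, 0xFFA0),    # halfwidth Hangul filler
)

def is_invisible(ch):
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES):
        return True
    return unicodedata.category(ch) == "Cf"  # any other Unicode format character

def scan_text(text, path="<memory>"):
    """Return findings as (path, line, column, code point, Unicode name)."""
    findings = []
    for line_no, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            if line_no == 1 and col == 1 and ch == "\ufeff":
                continue  # a leading byte-order mark is legitimate
            if is_invisible(ch):
                findings.append((path, line_no, col, f"U+{ord(ch):04X}",
                                 unicodedata.name(ch, "UNASSIGNED")))
    return findings

def decode_tags(text):
    """Recover the ASCII carried by TAG characters (U+E0020..U+E007E) for analyst triage."""
    return "".join(chr(ord(ch) - 0xE0000) for ch in text
                   if 0xE0020 <= ord(ch) <= 0xE007E)

def scan_tree(root, suffixes=(".js", ".mjs", ".ts", ".json", ".py")):
    """Walk an extension or package directory and scan every source file in it."""
    findings = []
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix in suffixes:
            try:
                findings.extend(scan_text(p.read_text(encoding="utf-8"), str(p)))
            except (UnicodeDecodeError, OSError):
                continue  # binary or unreadable file, not source
    return findings

# Constructed sample: a tiny JavaScript module with two zero-width characters
# appended to a statement and two TAG characters hidden inside a comment.
SAMPLE_JS = (
    "const cfg = require('./config');\n"
    "module.exports = cfg;\u200b\u200c\n"
    "// \U000E0041\U000E0042\n"
)

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    hits = scan_tree(target) if target else scan_text(SAMPLE_JS, "sample.js")
    for path, line, col, cp, name in hits:
        print(f"{path}:{line}:{col}: {cp} {name}")
```

Run it with a directory argument to scan a checked-out extension or an unpacked npm tarball; without arguments it reports the four hidden characters in the embedded sample.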

Cisco infrastructure operators should apply the April 3 patches for IMC (CVE-2026-20093) and SSM On-Prem (CVE-2026-20160), and verify compliance with ED-26-03 requirements for SD-WAN systems. Organizations with ICS/OT environments using Telnet should assess their exposure to CVE-2026-32746 and prioritize migration to SSH-based alternatives.
