News Summary week 23, 2026

CISA’s June 4 advisory batch flagged hard-coded credentials in maritime navigation and a multi-sector OPC-UA denial-of-service, while Canada issued its first federal intelligence warning on connected vehicle data risks from Chinese EV manufacturers and Dragos named two new ICS threat groups pre-positioning for destructive attacks.
Tags: threat-intelligence, ICS, CPS, automotive, medical-devices

Published June 6, 2026

Executive Summary

CISA published five new ICS advisories on June 4, with the highest-impact finding being a hard-coded credential flaw in the NAVTOR NavBox marine navigation system and a denial-of-service in the B&R PPT30 operating system’s OPC-UA server affecting six critical sectors. A Phoenix Contact PLCnext privilege escalation disclosed on June 2 allows an Engineer-role user to reach root on the controller, a serious risk in critical manufacturing and energy environments. Canada’s federal government issued its first formal intelligence warning on connected vehicle data security on June 1, naming Chinese EV manufacturers as a specific national security concern at the same moment Ottawa was negotiating a tariff reduction on those vehicles. On the threat intelligence front, Dragos named two previously undisclosed ICS threat groups – AZURITE, with links to Chinese state activity, and PYROXENE, already observed deploying destructive wipers – both assessed as pre-positioning for operations during geopolitical conflict.

This report focuses on Cyber-Physical Systems (CPS), Industrial Control Systems (ICS), and critical infrastructure security.


Week of May 29 – June 5, 2026

Critical Alerts & Advisories

CISA published five new ICS advisories on June 4 under the ICSA-26-155 series, along with two updates to prior Schneider Electric and Mitsubishi Electric advisories. The advisories were distributed across maritime navigation, energy, and industrial sectors, with hard-coded credentials again emerging as the dominant vulnerability class.

The NAVTOR NavBox marine navigation system (ICSA-26-155-01, CVE-2026-21404) uses hard-coded SOAP/WCF credentials in version 4.16.1.20. An attacker with local access can extract these credentials, gain access to privileged WCF service methods, and read or write files within application-defined paths – creating a pathway to disrupt navigation operations aboard the vessel. Norwegian firm NAVTOR had quietly released a fix in version 4.17.2.6 in April 2026, and connected devices received it via automatic update, but deployments without management connectivity remain unpatched. The advisory was reported by Cydome Security Ltd.

Two advisories covered Hitachi Energy products used in power systems engineering. The ITT600 SA Explorer (ICSA-26-155-02), a testing tool for IEC 61850 substation automation systems, is affected by CVE-2024-8176 and CVE-2025-59375 in the underlying libexpat XML parsing library. A crafted IEC 61850 message can trigger a stack overflow and denial-of-service condition in versions through 2.1_SP6, though importantly the flaw resides in the testing tool rather than in live substation endpoints. The MACH HiDraw power system drawing tool (ICSA-26-155-05, CVE-2026-7310, CVSS 5.5) contains a heap-based buffer overflow in version 9.22 and prior: an authenticated local user with Engineer-role credentials can open a specially crafted XML file to trigger memory corruption, potentially leading to arbitrary code execution or denial-of-service. Hitachi Energy released version 9.23 as the fix, and CISA republished the vendor’s original May 26 advisory.

The most broadly scoped advisory of the batch was B&R PPT30 Operating System (ICSA-26-155-03, CVE-2025-11482, CVSS 7.5). The OPC-UA server in PPT30 OS versions before 1.8.0 can be permanently locked by an unauthenticated, network-based attacker sending malformed messages, locking out all legitimate users from the OPC-UA interface. B&R notes the OPC-UA server is disabled by default, but operators who have enabled it – a common configuration in smart manufacturing environments – should treat upgrading to 1.8.0 as urgent. CISA lists six affected sectors: Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems, and Water and Wastewater.

Separately, Phoenix Contact disclosed a privilege escalation flaw in its PLCnext AXC F 3152 and multiple other PLCnext controllers on June 2 (CVE-2025-41669, CVSS 8.8). A low-privileged Engineer-role account can exploit the web interface’s application installation functionality to escalate to root, because the device does not validate digital signatures on installed applications. From root, an attacker can modify system behavior, deactivate OT protocols including EtherNet/IP, OPC UA, and PROFINET, weaken authentication and firewall settings, and move laterally through connected OT networks. Phoenix Contact recommends updating to the latest firmware and restricting device access to trusted users backed by network segmentation.

CISA also added two entries to its Known Exploited Vulnerabilities catalog on June 2. CVE-2022-0492, a Linux kernel cgroups privilege escalation enabling container escape, is relevant to any OT operator running containerized industrial applications; federal agencies were given a June 5 remediation deadline. CVE-2025-48595, an Android Framework integer overflow affecting Android 14 through 16, carries a CVSS of 8.4 and has seen limited targeted exploitation in the wild.

Automotive CPS Security

The most consequential automotive CPS development of the week came from Ottawa rather than a vulnerability database. A Public Safety Canada intelligence memorandum – disclosed publicly on June 1 – formally warned that telemetry data from advanced connected vehicles, including electric vehicles, “can have intelligence value to adversaries.” The document specifically identifies Chinese EV manufacturers as a concern, noting that China’s national security laws can compel manufacturers and their supply chains to hand data to the state. Identified risks span pattern-of-life tracking, surveillance near sensitive government sites, and AI-assisted exploitation of collected behavioral data. The warning was published in the same week that Canada finalized a trade arrangement lowering tariffs on Chinese EVs from 100% to 6.1% – a policy tension that the security establishment made no effort to conceal. The Canadian Centre for Cyber Security is reviewing the issue.

The legislative response to connected vehicle security is advancing in Washington as well. Senate Bill 4429, the Connected Vehicle Security Act of 2026, explicitly addresses foreign adversary access to Vehicle Connectivity Systems and Automated Driving Systems, building on the U.S. Commerce Department rule that took effect in March 2025 banning PRC and Russian-nexus hardware and software in the connected vehicle supply chain. The bill signals that congressional appetite for regulatory intervention in automotive cybersecurity has grown substantially.

VicOne’s Q1 2026 Automotive and Mobility Cybersecurity Report, released this week, quantified the EV charging exposure trend with stark numbers. EV charging infrastructure incidents more than tripled from Q4 2025 to Q1 2026 – rising from 7 to 26 incidents – driven in part by high-severity vulnerabilities in an open-source EV charging platform with denial-of-service and session handling weaknesses. Total automotive and mobility cybersecurity incidents in Q1 reached 405, up from 378 the prior quarter, with 265 unique automotive-specific vulnerabilities catalogued including 16 rated critical. Activity was concentrated in Europe, and AI systems in vehicles emerged as a new attack surface category.

The 90-day patch window from Pwn2Own Automotive 2026 in January is now closing for a portion of the 76 zero-days disclosed at the competition. Vendors including Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA – all of whose EV chargers were fully compromised during the event – were obligated to release patches by the end of April or early May. Organizations operating chargers from these vendors that have not confirmed patch application should treat the Pwn2Own disclosure timeline as a concrete deadline signal, since proof-of-concept details become publicly available once the window closes.

Medical Device CPS Security

A significant unpatched vulnerability in the Grassroots DICOM open-source medical imaging library affects the entire clinical imaging infrastructure stack. CISA advisory ICSMA-26-083-01 (CVE-2026-3650) documents a missing memory-release condition in GDCM version 3.2.2 triggered when the library parses malformed DICOM files containing non-standard Value Representation types. The result is heap exhaustion and denial-of-service, remotely exploitable without authentication. Because GDCM is embedded in PACS servers, DICOM viewers, and diagnostic workstations across virtually every hospital imaging environment, a single crafted file delivered through normal DICOM routing – from a modality, a referring physician’s office, or a teleradiology service – can freeze the imaging workflow of an entire facility. The GDCM maintainer has not responded to CISA’s coordinated disclosure requests and no patch is available, leaving isolation and anomalous DICOM filtering as the only practical mitigations.

The ongoing fallout from the March 2026 Handala cyberattack on Stryker continued to shape the week’s medical device security conversation. Iran-linked hacktivist group Handala – attributed to Iran’s Ministry of Intelligence and Security by the U.S. Department of Justice on March 20 – compromised Stryker’s Microsoft Intune MDM console and issued remote wipe commands to more than 200,000 corporate devices across 79 countries. Manufacturing stopped and operational disruptions lasted three weeks, with material impact on Q1 2026 earnings. Security analysts have characterized the attack as the most sophisticated destructive cyberattack on a U.S. healthcare company to date, and Stryker’s board-level response – including a public commitment to restructuring its endpoint security architecture – has elevated medical device manufacturer cybersecurity to a standard item in investor relations discussions. The episode provides a concrete case study for interpreting the FDA’s February 2026 updated premarket cybersecurity guidance, which now requires machine-readable SBOMs and a Security Risk Management Report from device manufacturers seeking clearance.

Water & Wastewater Sector

A detailed Dragos analysis disclosed during the week of May 13 and widely circulated through the end of May documented the first confirmed case of AI-assisted targeting of OT infrastructure in the water sector. An unknown threat actor used large language models, including Claude and GPT-family models, during an intrusion against a municipal water and drainage utility serving the Monterrey metropolitan area of Mexico. The actor exfiltrated data from the utility’s enterprise IT network and then attempted to pivot to OT infrastructure – using the AI systems to map network topology, identify a vNode gateway with single-password authentication, generate credential wordlists, and orchestrate automated password spray attacks. The OT pivot attempt was ultimately unsuccessful. No attribution was established. The case illustrates how AI tools lower the analytical barrier for threat actors probing novel OT environments where they lack in-house expertise: rather than understanding the ICS architecture independently, the attacker appears to have queried AI systems to interpret network artifacts and identify actionable attack paths.

CISA’s CI Fortify initiative, announced in early May, moved into its active assessment phase during this period. The agency confirmed it is conducting targeted readiness assessments with priority critical infrastructure operators in the water and wastewater sector, evaluating whether organizations have documented manual fallback procedures and can isolate OT from third-party network dependencies on short notice. Water utilities that have not yet begun this planning should note that CISA’s posture – directing operators to rehearse for cyber-induced outages as a near-term planning reality rather than a theoretical scenario – reflects a significant shift in the agency’s public risk communication.

Energy & Power Grid

The AFCEA TechNet Cyber conference in Baltimore (June 2–4) produced some of the most direct public warnings on critical infrastructure risk heard from U.S. officials this year. One military official stated plainly: “I actually think we are close to critical here and that it is only a matter of time before we have, in my opinion, an attack that is going to really do harm to our quality of life.” The conference brought together military, civilian, and private sector leaders to discuss the convergence of nation-state pre-positioning, OT exposure, and reduced federal response capacity – a combination that participants characterized as unprecedented.

The continued relevance of the Sandworm DynoWiper attack on Polish energy infrastructure from late December 2025 was reinforced by new technical analysis this week. ESET’s detailed forensic review – timed to the tenth anniversary of Sandworm’s 2015 Ukraine grid attack – documented the group’s use of DynoWiper malware against two combined heat-and-power plants and a renewable energy management system across thirty coordinated targets. Polish authorities confirmed the attack was thwarted and no blackout occurred, but assessed that a successful outcome could have cut power to 500,000 people. The broader significance of the analysis is methodological: Sandworm is shifting from IT-level breaches toward direct OT targeting, using pre-compromised OT environments as escalation platforms rather than expending novel zero-days.

Itron, which provides energy and water management systems to more than 8,000 utilities serving 110 million homes and businesses across 100 countries, disclosed in April that it had detected unauthorized access to internal IT systems. The investigation is ongoing and the company has stated no OT or customer-facing systems were affected, but the breach highlights how utility technology vendors represent a concentrated supply-chain risk: a single Itron compromise, if it reached firmware update infrastructure, would have a blast radius orders of magnitude larger than any individual utility breach.

The Department of Energy announced $160 million in funding allocated to secure energy systems during the week, recognizing that grid modernization and cybersecurity hardening must advance in parallel as utilities accelerate smart grid deployments. The funding is directed at both defensive technology and workforce development for OT security roles.

Manufacturing & Industrial

Dragos named two previously undisclosed ICS threat groups in its 2026 OT/ICS Year in Review, released in late May and analyzed extensively through this week. AZURITE is a newly tracked group with technical overlaps to Flax Typhoon, a Chinese state-sponsored actor. AZURITE targets OT engineering workstations across manufacturing, defense, automotive, energy, and oil and gas sectors in the United States, Australia, Europe, and Asia-Pacific. The group exfiltrates alarm data, configuration files, engineering project files, and process information – a collection profile consistent with building detailed knowledge of target facilities in advance of potential operational disruption. Dragos assesses with high likelihood that AZURITE is pre-positioning for offensive operations timed to geopolitical conflict.

PYROXENE is the second newly named group, distinguished by having already deployed destructive wiper malware against critical infrastructure in regional conflict contexts. PYROXENE targets manufacturing, transportation, logistics, aerospace, aviation, and utilities in the United States, Europe, and the Middle East. Dragos assesses with moderate confidence that PYROXENE is positioning for ICS-impacting operations through supply chain and IT-OT network dependencies. Unlike AZURITE’s espionage orientation, PYROXENE’s track record of deploying wipers places it in the most operationally dangerous category of OT threat actor.

Manufacturing remained the most cyberattacked sector globally for the fourth consecutive year. In Q1 2026, it accounted for 62% of all industrial ransomware victims – 633 incidents spanning industrial equipment, food and beverage, electronics, metals, and automotive subsectors. Ransomware incidents against industrial organizations surged 49% year-over-year, driven by groups including Qilin (198 incidents in Q1 alone) and Akira.

Threat Intelligence Highlights

The MuddyWater false-flag operation disclosed in late May represents one of the more sophisticated social engineering chains seen against industrial targets this year. The Iranian state-sponsored group conducted intrusions that began with Microsoft Teams-based screen-sharing sessions, using them to harvest credentials and manipulate multi-factor authentication before deploying Chaos ransomware as a decoy while prioritizing data exfiltration and persistent access over any financial objective. Attribution to MuddyWater was established through a code-signing certificate linked to the name “Donald Gay,” previously used in MuddyWater malware families including CastleLoader and Fakeset. The ransomware component was characterized by researchers as a misdirection tactic rather than a revenue-generating operation, intended to frame the intrusion as a financially motivated attack rather than state espionage.

Volt Typhoon, the Chinese state-linked APT group that gained significant attention in 2024 for pre-positioning in U.S. utility networks, has not departed. Researchers at Dragos and CybelAngel confirmed this week that the group remains active across communications, energy, transportation, and water sector targets. NSA and CYBERCOM Director General Timothy Haugh testified to Congress that Volt Typhoon’s activity represents explicit pre-positioning for “disruption or destruction” in a Taiwan conflict scenario. The group’s use of living-off-the-land techniques – which avoid deploying novel malware in favor of abusing legitimate system tools – makes its presence exceptionally difficult to detect and means that the true scope of embedded access may not be known.

The U.S. government’s $10 million reward for information on the individuals behind the IOCONTROL ICS malware campaign, announced earlier this spring, reflects the government’s assessment of CyberAv3ngers as an escalating threat that has moved well beyond default credential exploitation into purpose-built ICS malware capable of targeting Siemens, Motorola, Honeywell, D-Link, and TELTONIKA devices across water, energy, and government infrastructure.

Defensive Recommendations

Operators with NAVTOR NavBox deployments should verify that auto-update connectivity is intact and that version 4.17.2.6 or later is installed; vessels without persistent internet connectivity will not have received the automatic update and require manual patching during port calls. Any installation of B&R PPT30 OS with OPC-UA enabled must be upgraded to version 1.8.0 immediately, as the lockout vulnerability is remotely exploitable without authentication and the OPC-UA protocol is widely exposed on flat OT network segments.

Phoenix Contact PLCnext operators should audit which accounts have Engineer-level access to controller web interfaces and reduce that population to the minimum necessary. Until CVE-2025-41669 is patched via firmware update, network segmentation preventing untrusted hosts from reaching the web management interface is the highest-priority compensating control. For Hitachi Energy MACH HiDraw, the risk is constrained to authenticated local users with Engineer credentials, but power engineering environments where multiple contractor accounts share access to HiDraw workstations should treat upgrade to version 9.23 as a priority.

Healthcare organizations running Grassroots DICOM must treat this as an urgent remediation item with no vendor patch path available. Practical mitigations include implementing DICOM gateway filtering to validate VR types before passing files to GDCM-based applications, segmenting PACS servers so they cannot be reached directly from external DICOM endpoints, and monitoring for unexpected memory exhaustion on imaging servers. Relying on the vendor to release a patch is not currently a viable strategy.
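As an added example (not code from CISA, the GDCM project, or the advisory), here is a minimal gateway-side check of the kind the mitigation above describes for the GDCM issue: it walks a DICOM Part 10 file and rejects any data element whose Value Representation is not one defined in PS3.5, including elements nested inside sequences, before the file is handed to a GDCM-based application. It assumes the dataset is Explicit VR Little Endian (other transfer syntaxes are refused, because VRs are only explicit in that encoding) and uses constructed sample files rather than real clinical data.

```python
import struct

STANDARD_VRS = {  # DICOM PS3.5 Table 6.2-1; any other two-byte code is rejected
    "AE", "AS", "AT", "CS", "DA", "DS", "DT", "FL", "FD", "IS", "LO", "LT", "OB",
    "OD", "OF", "OL", "OV", "OW", "PN", "SH", "SL", "SQ", "SS", "ST", "SV", "TM",
    "UC", "UI", "UL", "UN", "UR", "US", "UT", "UV",
}
LONG_HEADER_VRS = {"OB", "OD", "OF", "OL", "OV", "OW", "SQ", "SV", "UC", "UN", "UR", "UT", "UV"}
UNDEFINED = 0xFFFFFFFF
ITEM, ITEM_DELIM, SEQ_DELIM = (0xFFFE, 0xE000), (0xFFFE, 0xE00D), (0xFFFE, 0xE0DD)
EXPLICIT_VR_LE = "1.2.840.10008.1.2.1"  # the only transfer syntax this filter accepts

class DicomVrError(ValueError): pass  # anything the gateway should refuse to forward to GDCM-based systems

def _elements(buf, pos, end, stop_tag, stats):
    """Walk explicit-VR-LE elements in buf[pos:end]; stop_tag (an item delimiter) ends the walk early."""
    while pos < end:
        tag = struct.unpack_from("<HH", buf, pos)
        if tag == stop_tag:
            return pos + 8  # delimiter: tag + zero 4-byte length, no VR
        vr = buf[pos + 4:pos + 6].decode("ascii", "replace")
        if vr not in STANDARD_VRS:
            raise DicomVrError(f"non-standard VR {vr!r} at ({tag[0]:04X},{tag[1]:04X})")
        if vr in LONG_HEADER_VRS:  # header carries 2 reserved bytes and a 4-byte length
            length, pos = struct.unpack_from("<I", buf, pos + 8)[0], pos + 12
        else:
            length, pos = struct.unpack_from("<H", buf, pos + 6)[0], pos + 8
        stats["elements"] += 1
        if tag == (0x0002, 0x0010):  # Transfer Syntax UID: VRs are only explicit in this syntax
            ts = buf[pos:pos + length].rstrip(b"\x00 ").decode("ascii", "replace")
            if ts != EXPLICIT_VR_LE:
                raise DicomVrError(f"unsupported transfer syntax {ts!r}")
        if vr == "SQ":
            pos = _items(buf, pos, end, length, stats)
        elif length == UNDEFINED or pos + length > end:  # uncompressed syntax: no undefined-length pixel data
            raise DicomVrError(f"bad length {length} for {vr} at offset {pos}")
        else:
            pos += length
    return pos

def _items(buf, pos, end, length, stats):
    """Walk the (FFFE,E000) items of a sequence; each item holds a nested dataset."""
    end = end if length == UNDEFINED else pos + length
    while pos < end:
        group, elem, item_len = struct.unpack_from("<HHI", buf, pos)
        pos += 8
        if (group, elem) == SEQ_DELIM:
            return pos
        if (group, elem) != ITEM:
            raise DicomVrError(f"expected item, got ({group:04X},{elem:04X}) at offset {pos - 8}")
        if item_len == UNDEFINED:
            pos = _elements(buf, pos, end, ITEM_DELIM, stats)
        else:
            pos = _elements(buf, pos, min(pos + item_len, end), None, stats)
    if length == UNDEFINED:
        raise DicomVrError("undefined-length sequence without (FFFE,E0DD) delimiter")
    return pos

def validate_dicom_vrs(data: bytes) -> dict:
    """Accept a Part 10 file only if every element, nested ones included, has a standard VR."""
    if len(data) < 132 or data[128:132] != b"DICM":
        raise DicomVrError("not a DICOM Part 10 file (missing 'DICM' prefix)")
    stats = {"elements": 0}
    try:
        _elements(data, 132, len(data), None, stats)
    except struct.error as exc:  # a header ran past the end of the buffer
        raise DicomVrError(f"truncated element header: {exc}") from None
    return stats

def _el(group, elem, vr, value):  # short-header explicit-VR-LE element, for the constructed samples below
    value += b"\x00" * (len(value) % 2)  # DICOM values are even-length
    return struct.pack("<HH", group, elem) + vr.encode() + struct.pack("<H", len(value)) + value

# Constructed sample files (synthetic, not real clinical data).
PREFIX = b"\x00" * 128 + b"DICM" + _el(0x0002, 0x0010, "UI", EXPLICIT_VR_LE.encode())
SEQ = (struct.pack("<HH", 0x0008, 0x1140) + b"SQ\x00\x00" + struct.pack("<I", UNDEFINED)  # undefined-length SQ
       + struct.pack("<HHI", *ITEM, UNDEFINED) + _el(0x0008, 0x1155, "UI", b"1.2.3")  # one undefined-length item
       + struct.pack("<HHI", *ITEM_DELIM, 0) + struct.pack("<HHI", *SEQ_DELIM, 0))
GOOD_FILE = PREFIX + _el(0x0010, 0x0010, "PN", b"DOE^JANE") + SEQ
BAD_VR_FILE = PREFIX + _el(0x0010, 0x0010, "ZZ", b"DOE^JANE") + SEQ  # "ZZ" is not a PS3.5 VR
```

A real gateway would run this on every inbound object before it is routed to PACS and log the rejection reason alongside the calling AE title, so that a flood of rejected files from one source stands out.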

Fleet and procurement teams evaluating Chinese-manufactured EVs should read Public Safety Canada’s June 1 intelligence warning as a signal to conduct formal data flow analysis before deploying connected vehicles in proximity to sensitive facilities or personnel. Understanding what telemetry channels exist, where data is stored, and whether export controls apply to that data is now a security diligence step, not merely a compliance footnote. Organizations following the Pwn2Own Automotive 2026 patch cycle should confirm with their EV charger vendors – particularly Autel, Alpitronic, Phoenix Contact, ChargePoint, and Grizzl-E – that the specific vulnerabilities demonstrated in January have been patched and deployed; the 90-day window has closed for the initial disclosures.

Sources Referenced

CISA Advisories (June 4, 2026 – ICSA-26-155 series)

  • ICSA-26-155-01 NAVTOR NavBox: https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-01
  • ICSA-26-155-02 Hitachi Energy ITT600 Explorer: https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-02
  • ICSA-26-155-03 B&R PPT30 OS: https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-03
  • ICSA-26-155-05 Hitachi Energy MACH HiDraw: https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-05
  • ICSMA-26-083-01 Grassroots DICOM: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-083-01
  • CISA KEV additions June 2, 2026: https://www.cisa.gov/news-events/alerts/2026/06/02/cisa-adds-two-known-exploited-vulnerabilities-catalog
  • CISA CI Fortify initiative: https://www.cisa.gov/topics/industrial-control-systems/ci-fortify

Vulnerability Research

  • Phoenix Contact PLCnext CVE-2025-41669: https://industrialcyber.co/vulnerabilities/privilege-escalation-flaws-in-phoenix-contact-plcnext-controllers-could-enable-attackers-to-gain-root-access/
  • Grassroots DICOM CVE-2026-3650 analysis: https://securityarsenal.com/blog/how-to-defend-against-cve-2026-3650-grassroots-dicom-memory-leak-vulnerability
  • ICSA-26-155-01 detail (Assurant): https://www.assurantcyber.com/blog/icsa-26-155-01/
  • ICSA-26-155-05 detail (Assurant): https://www.assurantcyber.com/blog/icsa-26-155-05/

Automotive CPS

  • Canada connected vehicle intelligence warning: https://www.nationalobserver.com/2026/06/01/news/connected-vehicle-data-can-have-intelligence-value-adversaries-warns-federal
  • BNN Bloomberg – Canada EV data security: https://www.bnnbloomberg.ca/business/politics/2026/06/01/connected-vehicle-data-can-have-intelligence-value-to-adversaries-federal-document/
  • Connected Vehicle Security Act S.4429: https://www.congress.gov/bill/119th-congress/senate-bill/4429/text
  • VicOne Q1 2026 Automotive Cybersecurity Report: https://vicone.com/blog/vicone-situational-awareness-report-cybersecurity-in-the-automotive-transportation-and-logistics-sectors-in-q1-2026
  • Pwn2Own Automotive 2026 results: https://www.bleepingcomputer.com/news/security/hackers-get-1-047-000-for-76-zero-days-at-pwn2own-automotive-2026/

Medical Device & Healthcare

  • Stryker / Handala attack: https://www.healthcareitnews.com/news/iran-linked-medical-device-cyberattack-contained-says-stryker
  • Stryker boardroom impact: https://www.todaysmedicaldevelopments.com/article/stryker-breach-makes-medical-device-cybersecurity-boardroom-issue/
  • RunSafe 2026 Medical Device Cybersecurity Index: https://www.businesswire.com/news/home/20260429787733/en/RunSafe-Security-Releases-2026-Medical-Device-Cybersecurity-Index

Water & Wastewater

  • Dragos AI-assisted OT attack, Mexican water utility: https://industrialcyber.co/reports/dragos-details-ai-assisted-intrusion-targeting-mexican-water-utility-as-claude-openai-models-used-to-pursue-ot-access/
  • SecurityWeek AI-assisted water attack: https://www.securityweek.com/claude-ai-guided-hackers-toward-ot-assets-during-water-utility-intrusion/
  • Federal News Network – CISA CI Fortify: https://federalnewsnetwork.com/cybersecurity/2026/05/cisa-tells-critical-organizations-to-prepare-for-cyber-outages/

Energy & Power Grid

  • AFCEA TechNet Cyber – infrastructure risk warnings: https://www.afcea.org/signal-media/cyber-edge/adversaries-could-really-harm-us-infrastructure-experts-warn
  • ESET – Sandworm DynoWiper Poland analysis: https://www.welivesecurity.com/en/eset-research/eset-research-sandworm-cyberattack-poland-power-grid-late-2025/
  • Nozomi Networks – Sandworm OT escalation methodology: https://www.nozominetworks.com/blog/sandworm-activity-in-industrial-environments-what-the-data-reveals
  • Itron breach: https://www.securityweek.com/energy-and-water-management-firm-itron-hacked/
  • DOE $160M energy cybersecurity funding: https://industrialcyber.co/utilities-energy-power-water-waste/doe-allocates-160-million-to-secure-energy-systems-as-cyber-threats-converge-with-grid-modernization/

Manufacturing & Industrial / Threat Intelligence

  • Dragos 2026 OT/ICS Year in Review: https://www.dragos.com/ot-cybersecurity-year-in-review
  • Dragos – AZURITE and PYROXENE threat groups: https://industrialcyber.co/reports/dragos-tracks-three-new-ot-threat-groups-as-industrial-adversaries-move-toward-real-world-disruption/
  • MuddyWater false-flag ransomware: https://thehackernews.com/2026/05/muddywater-uses-microsoft-teams-to.html
  • Volt Typhoon still active: https://therecord.media/researchers-warn-volt-typhoon-still-active-critical-infrastructure
  • CyberAv3ngers / $10M reward: https://industrialcyber.co/industrial-cyber-attacks/us-offers-10-million-for-intel-on-iran-linked-hacker-in-ics-malware-campaign-against-critical-infrastructure/
  • Industrial ransomware Q1 2026: https://www.cybrsecmedia.com/industrial-ransomware-held-steady-in-q1-2026-thats-the-problem/
  • Waterfall 2026 Threat Report: https://industrialcyber.co/reports/waterfall-threat-report-2026-finds-ransomware-slowdown-masks-deeper-shift-toward-nation-state-attacks-on-critical-infrastructure/
  • Patrick Coyle – June 4 advisory roundup: https://patrickcoyle.substack.com/p/5-advisories-and-2-updates-published-b03