CPS Threat Intelligence – jonas.colmsjo.com

News Summary week 05, 2026

Week 05 saw ESET and Dragos attribute the DynoWiper attack on Poland’s power grid to Russia’s Sandworm group, CISA issued seven ICS advisories affecting Rockwell, Johnson Controls, and Schneider Electric, and NERC released a landmark CIP Roadmap highlighting growing risks to low-impact grid assets.

News Summary week 04, 2026

Week 04 dominated by Pwn2Own Automotive 2026 with 76 zero-days in Tesla, EV chargers, and IVI systems; plus 8 new CISA ICS advisories affecting Schneider Electric, Rockwell, and Delta Electronics.

News Summary week 03, 2026

Week 03 features critical AVEVA Process Optimization RCE vulnerabilities, Siemens Industrial Edge authentication bypass, Rockwell GuardLink DoS flaws, and Pwn2Own Automotive 2026 discoveries in Tokyo.

News Summary week 02, 2026

Week 02 highlights include CISA advisories for weather monitoring systems, critical Bluetooth vulnerability in WHILL wheelchairs (CVSS 9.8), and pro-Russia hacktivists targeting OT infrastructure.

News Summary week 51, 2025

Week 51 features CISA advisory on pro-Russia hacktivists targeting water/energy sectors, critical ICS vulnerabilities in Siemens/Rockwell/Advantech products, and automotive zero-days in aftermarket devices.

News Summary week 48, 2025

Week 48 saw CISA release 5 critical ICS advisories including CVSS 9.3 vulnerability in Emerson UPS monitoring (end-of-life, no patch), plus building automation and industrial edge controller flaws.

News Summary week 47, 2025

Week 47 highlights first large-scale autonomous AI cyberattack disclosed by Anthropic, Scattered Spider teens charged for TfL breach, and critical analysis of AI-powered attack automation.