IoT security

US agencies warn of Iranian-linked attacks on internet-facing PLCs

Cybercrime, News, Research, Risk

April 8, 2026

US agencies warned that Iran-linked hackers are targeting internet-facing PLCs in critical infrastructure, including water and energy systems, and have caused display manipulation, device disruption and financial loss in some cases.
NCSC alert warns pro-Russian DDoS groups targeting UK local government and operational technology

Cybercrime, News, Risk

January 22, 2026

On January 21, 2026 the UK’s National Cyber Security Centre issued an alert warning that pro-Russian DDoS attacks are targeting British organisations, especially local government and operational technology, and advised steps to harden defences.
Foreign intruders accessed Kansas City weapons plant IT via SharePoint flaws, source says

Cloud, Cybercrime, News, Risk, Vulnerabilities

October 20, 2025

A source familiar with an August response says a foreign actor exploited unpatched Microsoft SharePoint flaws to access the Kansas City National Security Campus IT network. Investigations are ongoing, attribution is disputed between Chinese-linked groups and possible Russian actors, and experts warn the incident highlights gaps between IT and operational technology security.
Trend Micro: RondoDox botnet campaign expands to exploit more than 50 flaws across 30 vendors

Cybercrime, News, Research, Risk, Vulnerabilities

October 14, 2025

Trend Micro said RondoDox campaigns have widened to exploit more than 50 vulnerabilities across over 30 vendors, using a loader-as-a-service model that bundles RondoDox with Mirai and Morte, and researchers linked the activity to large-scale botnet operations and coordinated RDP attacks.
Researchers Say YoLink Smart Hub Vulnerabilities Could Let Attackers Control Locks

News, Research, Risk, Vendors, Vulnerabilities

October 3, 2025

Researchers at Bishop Fox have disclosed multiple vulnerabilities in the YoLink Smart Hub v0382 that can bypass authorization, expose credentials over unencrypted MQTT, and allow attackers to control devices including smart locks; the manufacturer has not yet issued a patch.
Serious eSIM Vulnerability Exposed in Kigen’s Technology Poses Major Risks to Users

Cybercrime, News, Vulnerabilities

July 14, 2025

Cybersecurity researchers have uncovered a concerning vulnerability in Kigen’s eSIM technology that may expose users to significant security risks, as noted by Security Explorations, which was awarded a $30,000 bounty for its findings.
Security Researchers Expose 40,000 Unprotected IoT Cameras, Raising Espionage Concerns

Cybercrime, News, Privacy

June 11, 2025

Researchers from Bitsight have exposed serious vulnerabilities in the security of around 40,000 internet-connected cameras globally, raising concerns over espionage and privacy for sensitive locations across the United States.
FBI Issues Warning as BADBOX 2.0 Malware Infects Over 1 Million Devices

Cybercrime, News, Vulnerabilities

June 7, 2025

The FBI has warned that the BADBOX 2.0 malware has infected over one million consumer devices, transforming them into tools for cybercriminals. The widespread malware affects various Android IoT gadgets, posing significant threats to home network security.