SENTINEL INTELLIGENCE PROTOCOL · TLP:WHITE · AUTHORIZED DISTRIBUTION ONLY

BREAKING

CRITICAL · CVE-2025-7731 actively exploited in Fortinet FortiGate — CISA Emergency Directive 25-04 issued — patch immediately◆APT28 attributed to coordinated attacks on European energy grid infrastructure — NATO cyber alliance emergency session convened◆New Windows CLFS kernel zero-day exploited in targeted campaigns against defense contractors — patch in KB5040528◆FBI: $4.73B lost to cybercrime in FY2024 — ransomware primary vector for critical infrastructure attacks for third consecutive year◆Joint FBI-Europol operation dismantles 403,000-node HYDRUS botnet across 47 countries — three arrests confirmed◆Cloudflare reports 412% surge in DDoS amplification attacks targeting financial services sector Q1 2025◆Salt Typhoon remains active in U.S. telecommunications networks — Senate Intelligence Committee briefed on scope◆CRITICAL · CVE-2025-7731 actively exploited in Fortinet FortiGate — CISA Emergency Directive 25-04 issued — patch immediately◆APT28 attributed to coordinated attacks on European energy grid infrastructure — NATO cyber alliance emergency session convened◆New Windows CLFS kernel zero-day exploited in targeted campaigns against defense contractors — patch in KB5040528◆FBI: $4.73B lost to cybercrime in FY2024 — ransomware primary vector for critical infrastructure attacks for third consecutive year◆Joint FBI-Europol operation dismantles 403,000-node HYDRUS botnet across 47 countries — three arrests confirmed◆Cloudflare reports 412% surge in DDoS amplification attacks targeting financial services sector Q1 2025◆Salt Typhoon remains active in U.S. telecommunications networks — Senate Intelligence Committee briefed on scope◆

HOME/CRITICAL INFRASTRUCTURE

INTELLIGENCE CATEGORY

Critical Infrastructure

3 BRIEFS INDEXED

CRITICAL INFRASTRUCTURECRITICAL

Zero-Day in Siemens SCADA Software Actively Exploited Across 340 North American Grid Operators

A previously undisclosed vulnerability in Siemens WinCC OA SCADA software has been confirmed under active exploitation by a threat actor assessed with high confidence as a nation-state affiliate targeting energy grid control infrastructure.

Marcus Reinholt·2025-06-10

ANALYSISANALYSIS

The Widening Gap: Critical Infrastructure Cyber Defense in an Era of Persistent Nation-State Threats

A comprehensive analysis of the structural vulnerabilities that continue to expose water, energy, and transportation systems to adversarial exploitation—and the policy, technology, and organizational reforms required to close the gap.

Dr. Priya Venkataraman·2025-06-02

CRITICAL INFRASTRUCTUREHIGH

Ransomware Group Claims Breach of Major US Water Utility Affecting 2.1 Million Customers

A prolific ransomware affiliate has claimed responsibility for a breach at a Midwest water utility, publishing a sample of operational technology documentation as proof of access in an apparent extortion attempt.

Cassidy Nguyen·2025-06-01