VulnHub

Real-time Cybersecurity News

Hacktivist attacks escalated in 2025, targeting critical infrastructure

SCM feed for Latest
Actively Exploited
Critical

Overview

In 2025, various hacktivist groups such as Z-Pentest, Dark Engine, and Sector 16 ramped up their attacks on critical infrastructure, specifically targeting industrial control systems (ICS), operational technology (OT), and Human Machine Interface (HMI) environments. These attacks pose significant risks as they can disrupt essential services that rely on these systems, including utilities and manufacturing processes. By focusing on ICS and OT, these groups are not just seeking to cause chaos but are also likely aiming to draw attention to specific political or social issues. This increase in activity highlights the vulnerabilities in these crucial sectors and raises concerns about the potential for more severe consequences if these systems are compromised. Companies and organizations that manage such infrastructure need to bolster their cybersecurity defenses to prevent potential disruptions.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Industrial Control Systems (ICS), Operational Technology (OT), Human Machine Interface (HMI)
  • Action Required: Companies should enhance their cybersecurity measures, conduct regular security audits, and implement robust incident response plans.
  • Timeline: Ongoing since 2025

Original Article Summary

Groups like Z-Pentest, Dark Engine, and Sector 16 increasingly targeted industrial control systems (ICS), operational technology (OT), and Human Machine Interface (HMI) environments.

Impact

Industrial Control Systems (ICS), Operational Technology (OT), Human Machine Interface (HMI)

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since 2025

Remediation

Companies should enhance their cybersecurity measures, conduct regular security audits, and implement robust incident response plans.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Critical.

Read Original Article

Related Coverage

Malicious Commands in GitHub Codespaces Enable RCE

Infosecurity Magazine

Recent security research has uncovered vulnerabilities in GitHub Codespaces that could allow attackers to execute malicious commands remotely. These flaws can be exploited through specially crafted repositories or pull requests, putting users and organizations that rely on this service at risk. If successfully exploited, attackers could gain unauthorized access to sensitive code or data, leading to potential data breaches or system compromises. This incident emphasizes the need for developers and companies using GitHub Codespaces to remain vigilant and implement necessary security measures to protect their environments. Users are urged to monitor for updates from GitHub regarding this issue.

Feb 5, 2026

Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign

SecurityWeek

Researchers have uncovered a sophisticated scam operation that uses artificial intelligence to clone more than 150 law firm websites. These cloned sites are designed to deceive potential clients into sharing personal information or making payments. The criminals are employing tactics like hiding behind Cloudflare to mask their identities and frequently changing their IP addresses to evade detection. This operation raises serious concerns for anyone seeking legal services online, as unsuspecting users could easily fall victim to these fraudulent sites. It highlights the growing use of AI in cybercrime and the need for increased vigilance from both consumers and cybersecurity professionals.

Feb 5, 2026

Smartphones Now Involved in Nearly Every Police Investigation

Infosecurity Magazine

According to data from Cellebrite, smartphones have become integral to almost every police investigation. This trend emphasizes the growing reliance on digital evidence in law enforcement, as officers increasingly turn to data from mobile devices to solve cases. The information gathered from these devices can include text messages, call logs, location data, and photos, all of which can provide critical insights into criminal activities. The findings suggest that as technology continues to evolve, police methods are also adapting, making digital forensics a key component in modern investigations. This shift raises important questions about privacy and data security, as the line between personal information and investigative needs becomes increasingly blurred.

Feb 5, 2026

Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says

SecurityWeek

Italy's government has successfully thwarted a series of cyberattacks linked to Russian sources, aimed at its foreign ministry offices, including one located in Washington, D.C. These attacks were reportedly targeting websites associated with the upcoming Winter Olympics. The Italian Foreign Minister announced the prevention of these incidents, emphasizing the ongoing risks posed by cyber threats in international contexts. This situation underlines the vulnerabilities that governments face, particularly during significant global events like the Olympics. The foiled attacks serve as a reminder of the persistent cyber warfare tactics employed by nation-states.

Feb 5, 2026

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

SecurityWeek

A recent report from Palo Alto Networks reveals that a cyberspy group has successfully targeted governments and critical infrastructure across 37 countries. While the specific origin of these attacks hasn't been confirmed, there are strong indications pointing to China as the likely source. The affected entities include various government agencies and critical infrastructure sectors, which raises significant concerns about national security and the potential for disruption in essential services. The scale of the operation suggests a sophisticated level of planning and execution, highlighting the ongoing risks that nation-states pose in the cyber realm. This incident serves as a reminder for organizations worldwide to bolster their cybersecurity defenses and remain vigilant against such threats.

Feb 5, 2026

Why boards should be obsessed with their most ‘boring’ systems

CyberScoop

Recent cyberattacks have prompted boards of directors to take a closer look at enterprise resource planning (ERP) systems, which are often overlooked but can be vulnerable to significant security threats. A notable example is the cyberattack on Jaguar Land Rover (JLR) in September 2025, which showcased the severe repercussions of such incidents. This attack not only disrupted operations but also highlighted the risks that come with failing to adequately secure these 'boring' systems. As organizations reassess their cybersecurity strategies, it's clear that even the most mundane systems can have catastrophic impacts if left unprotected. Companies are encouraged to prioritize the security of their ERP systems to prevent similar incidents in the future.

Feb 5, 2026