The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Trump AI plan pushes critical infrastructure to use AI for cyber defense | CyberScoop
- New York unveils new cyber regulations, $2.5 million grant program for water systems | The Record
- DOE’s CyFERS summit unites 40 states to tackle energy sector cyber threats | Industrial Cyber
- Vulnerabilities Expose Helmholz Industrial Routers to Hacking | SecurityWeek
IT Vulnerability Security Updates
- CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild | Tenable
- Maximum severity Cisco ISE vulnerabilities exploited by attackers | Help Net Security
- Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) | Help Net Security
- Critical Vulnerabilities Patched in Sophos Firewall | SecurityWeek
- Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access | The Hacker News
IT Malware, Threats & Risks
- Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems | The Hacker News
- Fake Zoom Call Lures for Zoom Workplace Credentials | Cofense
- Majority of CISOs Lack Full Visibility Over APIs | IT Security Guru
Ransomware
- What CVE-2025-53770 Teaches Us About Zero-Day Reality and Ransomware Routine | Binary Defense
- Unmasking the new Chaos RaaS group attacks | Cisco Talos
- Digital Firebreaks: Network Segmentation for Containment | Gate 15
- UK moves forward with plans for mandatory reporting of ransomware attacks | The Record
