CyberAv3ngers Unitronics Default Password Targeting

The NCRIC shared a TLP:AMBER report regarding continued CyberAv3ngers activity targeting Unitronics PLC default passwords. On 16 December 2023, the compromise resulted in physical impacts to industrial control processes that led to flooding and road closures in California.