The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
Summary: On Tuesday, OT cybersecurity company Claroty released a report titled “State of CPS Security: OT Exposures 2025”. The report highlights the risks to operational technology (OT) systems within critical infrastructure are becoming increasingly hostile. The threat environment is complicated by Chinese adversaries integrating malicious tools into U.S.
Summary: CISA—in partnership with international and U.S. organizations—released guidance to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems.
Summary: The World Economic Forum (WEF) highlighted the growing challenge of securing software supply chains, emphasizing the rising need to safeguard against hidden dependencies. As businesses increasingly rely on third-party software suppliers and open-source solutions, they face significant hurdles in ensuring the security and integrity of their software ecosystems.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Summary: President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation’s cybersecurity posture. In one instance, the president fired all advisors from the Department of Homeland Security’s Cyber Safety Review Board (CSRB).
Summary: Cyber Threat Intelligence company SOCRadar recently shared their “Top 10 Exploited Vulnerabilities of 2024,” where they dive into ten of the most significant vulnerabilities exploited in 2024.
Summary: In 2024, two key trends defined the cybersecurity landscape: the resilience of cybercriminal networks despite law enforcement actions and the growing complexity of enterprise attack surfaces. In addition, state-sponsored threat actors, primarily linked to China and Russia, intensified their focus on critical infrastructure and leveraged generative AI to conduct influence operations to advance their geopolitical objectives. Recorded Future’s just-released threat report explores these trends and more.
Summary: Forescout Technologies recently released their 2024 Threat Report which looked back at 900 million attacks observed in the threat landscape of 2024, up 114 percent from last year’s 420 million attacks. The report includes key findings related to OT/ICS infrastructure and offers strategic recommendations for improved defense in 2025 in the recommended mitigation section.
Summary: Today, Broadcom released a security advisory for five vulnerabilities, the most severe being CVE-2025-22218 in VMWare Aria Operations, can result in an escalation of privileges to the admin user account via cross-site scripting.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
