Summary: WaterISAC has been made aware of water industry-related websites that have been infected with SocGholish malware. Certain links on these websites have been observed re-directing users to fake browser update webpages. This is done to trick the user into downloading a payload which ultimately infects the system with SocGholish malware.
Summary: On March 3, 2025, Broadcom patched three actively exploited vulnerabilities, all of which threat actors are actively exploiting, affecting VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. These vulnerabilities affect VMware ESXi versions 7.0 and 8.0, VMware Workstation 17.x, and VMware Fusion 13.x.
Summary: The Idaho National Laboratory (INL) and the state of Florida are working together on an innovative cybersecurity project focused on safeguarding Florida’s water infrastructure from cyber threats. The Florida Institute for Cybersecurity Research at the University of Florida (UF) will lend support and expertise to the program.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT/ICS Vulnerability Management
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT/ICS Vulnerability Management
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Summary: Yesterday, CISA—in partnership with the FBI and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released a joint Cybersecurity Advisory, #StopRansomware: Ghost (Cring) Ransomware.
Summary: CISA and the FBI have released a Secure by Design Alert, Eliminating Buffer Overflow Vulnerabilities, as part of their cooperative Secure by Design Alert series—an ongoing series aimed at advancing industry-wide best practices to eliminate
Summary: Threat actors are actively exploiting multiple vulnerabilities in Palo Alto Networks (PAN) firewalls, particularly CVE-2025-0108, which CISA added to its Known Exploited Vulnerabilities (KEV) catalog on Tuesday.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
