Summary: Fortinet recently released its “2025 State of Operational Technology and Cybersecurity Report” which draws on data from a global survey of more than 550 OT professionals conducted by an independent research firm. The report highlights key areas where organizations need to bolster their defenses, especially as IT and OT environments become interconnected and exposed.
Summary: Due to several security research companies’ findings of active exploitation of a high-severity vulnerability in Citrix devices affecting NetScaler ADC and Gateway (CVE-2025-5777) dubbed CitrixBleed 2, members are encouraged to check for probing or compromise of these devices.
Summary: WaterISAC is sharing a cross-sector report co-authored by several leading Information Sharing and Analysis Centers (ISACs), including WaterISAC, that focuses on the continuing threat of North Korea IT workers on U.S. organizations. The report brings further awareness to what appears to be an enduring threat that many communities and sectors may not fully understand or appreciate the extent of.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
ICS Advisories:
On July 10, 2025, CISA Released Thirteen Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
June 26, 2025
Summary: WaterISAC’s federal partners have shared new information indicating that nation state threat actors who routinely target critical infrastructure are actively researching the below vulnerabilities in Fortinet products, which could allow them to conduct future attacks.
Summary: This week, CISA, in partnership with the National Security Agency (NSA), released a joint guide on reducing memory-related vulnerabilities in modern software development. The joint guide titled “Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development,” identifies the main obstacles in adopting memory safe languages, provides practical solutions to address these challenges, and emphas
Summary: On June 17 and 25, 2025, Citrix published security advisories for critical vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway. The New York State Intelligence Center’s (NYSIC) Cyber Analysis Unit (CAU) has indicated that these products are now experiencing active exploitation in the wild.
Analyst Note: These vulnerabilities involve critical flaws in Citrix products similar to the 2023 Citrix Bleed incident (CVE-2023-4966), which saw heavy exploitation by ransomware gangs and nation-states.
Summary: Open-source reporting has revealed that in April, unidentified threat actors compromised the systems of a Norwegian dam and opened its water valve to full capacity. The valve ran at full capacity for four hours before being detected.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
