Stay informed on the latest threats and protection strategies for critical infrastructure in the realm of information security.
Search across headline titles and summaries.
Background for this topic.
Critical Infrastructure is the backbone of a nation's economy, security, and health. It encompasses the physical and virtual systems and assets that are so essential to a country that their incapacitation or destruction would have a debilitating effect on national security, economic operations, public health or safety, or any combination thereof. Examples include electricity generation plants, water purification systems, telecommunications networks, transportation hubs, and hospitals.
In the context of information security, critical infrastructure is a prime target for cyber threats. Protecting information and control systems, securing data, and ensuring the continuous operation of these services in the face of attacks, natural disasters, or other disruptions is paramount. Cybersecurity measures for critical infrastructure involve robust risk management processes, the implementation of cybersecurity frameworks, incident response planning, and the fostering of public-private partnerships to enhance the security and resilience of these essential services.
Weekly headline count for the current query.
Five Eyes Agencies Document 5-Step Chinese Job Platform Spy SchemeThe Five Eyes intelligence agencies issued a rare joint bulletin warning that Chinese military intelligence is using LinkedIn, Indeed, and Upwork to recruit government and military insiders. The operation targets clearance holders, military personnel, academics and journalists.
Healthcare Sector AI Expansion Raises Questions on Governance, Privacy and SafetyMayo Clinic and Microsoft are planning a new healthcare-specific frontier artificial intelligence model that aims to help clinicians make earlier diagnoses and deliver more personalized treatments to their patients. The clinic plans to make the new model available to patients and doctors.
CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors. [...]
Healthcare Coordinating Council Highlights AI Risks, Potential Medical MishapsHealthcare organizations face an array of difficult cybersecurity, privacy, patient safety, supply chain and operational resiliency issues as they roll out artificial intelligence tools. A new Health Sector Coordinating Council playbook aims to help by providing a voluntary governance framework.
Project Glasswing Expansion Reaches Power, Healthcare, Telecom and Water OperatorsAnthropic expanded Project Glasswing to 150 additional organizations across more than 15 countries, granting critical infrastructure operators, NATO and cybersecurity agencies controlled access to Claude Mythos Preview as the company seeks broader cyber defense coverage while limiting misuse risks.
Roughly 150 new organizations across critical infrastructure sectors will gain access to Claude Mythos Preview, Anthropic's most capable — and most restricted — AI model. The post Anthropic expanding access to Project Glasswing appeared first on CyberScoop.
Study: Monitoring Vendor Risk Remains Much Harder Than Onboarding Third PartiesHealthcare organizations are getting better vetting third-party vendors, including suppliers of medical devices, software and other products. But once these vendors are on board, healthcare firms still struggle with monitoring their security posture and ensuring they keep their promises.
June Meetings Could Shape Which Entities Must Report Cyber IncidentsThe Cybersecurity and Infrastructure Security Agency's June town halls will give critical infrastructure operators a final opportunity to influence how the agency defines covered entities, reportable incidents and compliance requirements before issuing long-awaited CIRCIA regulations.
GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it’s part spy op, part crime gang. Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. The group targets Ukraine and Ukrainian-related organizations across military, government, civilian, […]
Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026
Attackers Attempted to Reroute Hospital Medicaid ReimbursementsA hack on a Connecticut Medicaid web portal involving compromised credentials of a healthcare provider has affected the payment account and other information for about 22,500 patients. The data theft is the latest breach involving a healthcare related web portal hack. Why does this keep happening?
Health-ISAC Warns About Weak Governance and Credential MisuseHumans make mistakes. They fall for phishing scams and click on malicious links. Machines aren't necessarily better: Delegating decisions to agentic artificial tools can significantly intensify cybersecurity risks, warns a healthcare association.
A recent congressional hearing highlighted how states are reeling from federal cutbacks to important cybergrants and information-sharing initiatives amid damaging attacks to critical infrastructure.
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026
The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025 while the vendor’s investigation was […]
Fragmented Governance and Scarce Resources Make America's Water Sector VulnerableAmerica's water utilities are the nation's most cyber-vulnerable critical service sector, but their cybersecurity is overseen and supported by an ill-fitting patchwork of government agencies and most lack the resources to meet the threat they face.
Ransomware and vendor breaches persist. The "2026 Data Breach Investigations Report" (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.
Recent Hacks Underscore Persistent and Growing Threats to Smaller OrganizationsSmall and mid-sized healthcare organizations - including medical specialty practices and regional clinics - continue to fall victim disproportionately to hacking incidents, including ransomware attacks and data thefts - affecting large populations of patients. Why does this keep happening?
Appeals Court Weighs Pentagon Authority Over Frontier AI ProvidersA majority of judges on a U.S. federal appeals court appeared disposed to allowing Defense Secretary Pete Hegseth to bar Anthropic from future military work for posing national security risk. Oral argument held Tuesday in the U.S. Court of Appeals for the D.C. Circuit was Anthropic's latest salvo.