Dragos technical lead malware analyst Jimmy Wylie said threat groups that had launched intrusions targeting critical infrastructure, such as water treatment facilities, are more concerning compared with the recently reported ZionSiphon malware targeting Israeli water facilities, reports CyberScoop.
Security Affairs reports that vulnerable end-of-life D-Link DIR-823X routers impacted by the command injection flaw, tracked as CVE-2025-29635, have been targeted by Mirai botnet intrusions since early March, or about a year after the security issue was initially disclosed.
Federal agencies racing to modernize under fiscal 2026 mandates are confronting a dangerous visibility chasm where the convergence of cloud, IT, and operational technology environments has outpaced the fragmented security architectures meant to defend them, according to Fortinet Federal architect Robert Imhof, FedScoop reports.
Nexcorium primarily targets video recording boxes for security cameras, particularly TBK DVR-4104 and DVR-4216 models, due to their inherent security weaknesses and infrequent updates.
ZionSiphon employs a combination of common cyberattack techniques, including privilege escalation, persistence mechanisms, and propagation via removable media, according to a report by Darktrace.
Nonprofit organization ioXt Alliance has been named by the Federal Communications Commission as the lead administrator for its Cyber Trust Mark Program, reports Cybersecurity Dive.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
