critical infrastructure

India’s digital backbone is far more entangled with US‑headquartered software, cloud and platform providers than most policymakers acknowledge — and that entanglement now reads as a strategic vulnerability that must be addressed if New Delhi wants meaningful digital sovereignty by 2030...

India’s digital backbone is more dependent on US-controlled software, platforms and cloud services than most citizens realize — and that dependence now reads as a strategic vulnerability in the eyes of national security analysts and independent researchers. Background India’s public discourse...

Microsoft’s cybersecurity posture is under renewed fire after U.S. Senator Ron Wyden urged the Federal Trade Commission to open a formal investigation into the company’s default security settings, arguing that Microsoft shipped “dangerous, insecure software” that materially enabled a 2024...

Internet traffic between Asia, the Middle East and parts of Europe slowed sharply after multiple undersea fibre‑optic cables in the Red Sea were severed on 6 September 2025, forcing cloud operators — most visibly Microsoft Azure — and regional carriers to reroute traffic, warn customers of...

A sudden cluster of undersea fiber cuts in the Red Sea has forced Microsoft Azure and other cloud and carrier operators to reroute traffic, producing measurable latency and slower internet performance across parts of South Asia, the Gulf and beyond—an event that exposes how a handful of damaged...

Microsoft has warned that users of its Azure cloud may see higher-than-normal latency and intermittent disruptions after multiple undersea fiber-optic cables in the Red Sea were cut, forcing traffic onto longer alternate routes while repair work and global rerouting continue. Background The Red...

Microsoft's warning that Azure users could face increased latency after multiple subsea cables were reported "cut" in the Red Sea has thrust a quiet but critical piece of global infrastructure into the headlines: the fibre-optic arteries on the ocean floor that carry the world's internet...

Multiple undersea fibre‑optic cables in the Red Sea were severed in early September, producing widespread slowdowns for Internet users and measurable latency for cloud customers — a disruption that exposed how the physical backbone of the Internet can become a single point of failure for modern...

Honeywell’s OneWireless Wireless Device Manager (WDM) has been the subject of a high-severity coordinated disclosure: multiple vulnerabilities in the Control Data Access (CDA) component allow remote attackers to cause information disclosure, denial-of-service, and, in the worst cases, remote...

Schneider Electric has published an advisory—republished by CISA—about an improper privilege management vulnerability in its Saitel family of Remote Terminal Units (RTUs) that has been assigned CVE‑2025‑8453 and carries a CVSS v3.1 base score of 6.7, affecting Saitel DR RTU firmware versions...

CISA and partner agencies have issued a sharply worded joint Cybersecurity Advisory warning that People’s Republic of China (PRC) state‑sponsored Advanced Persistent Threat (APT) actors have been compromising global telecommunications and critical‑infrastructure networks by targeting...

The Colonial Pipeline blackout of May 2021 remains a cautionary touchstone: ransomware that began in corporate IT cascaded into physical shortages and public alarm, a stark demonstration that operational technology (OT) insecurity costs more than data — it can disrupt energy, water, food and...

Siemens’ RUGGEDCOM APE1808 appliances carry high‑risk management‑plane vulnerabilities that can let an authenticated administrator—or an attacker who gains elevated credentials—execute arbitrary operating‑system commands and escalate local service privileges, creating a significant threat to...

Siemens has confirmed a widespread denial-of-service (DoS) vulnerability affecting multiple models in the SIPROTEC 4 and SIPROTEC 4 Compact line that can be triggered remotely by an unauthenticated attacker during interrupted file-transfer operations; the issue is tracked as CVE-2024-52504 and...

On August 13, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), together with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA) and several international partners, published detailed guidance aimed at helping...

AVEVA's PI Integrator for Business Analytics has been the subject of a coordinated security disclosure that identifies two authenticated, yet remotely exploitable, vulnerabilities which could permit file upload of dangerous types and the disclosure of sensitive output data — issues that demand...

A major cyber risk alert has rocked the world of renewable energy management, as EG4 Electronics faces a constellation of high-severity vulnerabilities impacting its entire fleet of solar inverters. The sweeping flaws, affecting every major EG4 inverter model, reveal just how exposed the bedrock...

Burk Technology's ARC Solo—a mainstay in broadcast facility monitoring and control—has recently come under scrutiny following the disclosure of a critical vulnerability that exposes the device to remote exploitation. This revelation, denoted as CVE-2025-5095 and ranked at a critical 9.3 on the...

A sweeping wave of cybersecurity advisories has surged through the industrial sector as the Cybersecurity and Infrastructure Security Agency (CISA) unveiled ten new Industrial Control Systems (ICS) advisories on August 7, 2025. This release zeroes in on a wide spectrum of vulnerabilities...

A series of newly discovered vulnerabilities in Rockwell Automation’s Arena simulation software have jolted the industrial software ecosystem, underscoring the persistent security challenges faced by critical manufacturing sectors worldwide. Carrying a high CVSS v4 base score of 8.4, these...