ot cybersecurity

Schneider Electric’s latest advisory for EcoStruxure Power Monitoring Expert (PME) and EcoStruxure Power Operation (EPO) is the kind of industrial-software security notice that should immediately get the attention of OT teams, facilities operators, and Windows administrators alike. The issue...

Schneider Electric’s Modicon M241, M251, and M262 controllers are once again in the security spotlight after CISA published an advisory for a CWE-404 Improper Resource Shutdown or Release flaw that can trigger a partial denial of service in the Machine Expert protocol. The risk is not abstract...

Festo’s automation stack has once again been thrust into the spotlight after a coordinated disclosure identified a large set of serious vulnerabilities in the way CODESYS is packaged and delivered with the Festo Automation Suite. The consolidated advisory—republished in CSAF form and summarized...

Dragos’ 2026 Year‑in‑Review makes bluntly clear what industrial defenders have long feared: adversaries are no longer content to merely probe and persist inside industrial networks — they are mapping control loops, handing off footholds to specialized operators, and increasingly engineering...

Festo has published a coordinated security advisory warning that firmware across a large swath of its automation portfolio exposes undocumented, remotely accessible functions — a documentation and design gap that can let networked attackers obtain full control of affected devices unless...

Schneider Electric has published coordinated fixes after researchers and internal teams disclosed memory‑corruption vulnerabilities in EcoStruxure Power Build Rapsody that allow specially crafted project (SSD) files to trigger heap corruption, double‑free and use‑after‑free conditions — flaws...