STIX XML Indicators of Compromise for Threat Intelligence

CISA ICS-CERT published STIX XML indicators of compromise (IOCs) for threat intelligence purposes. The advisory includes structured XML data containing malicious indicators that organizations can use to detect and identify potential cyber threats targeting industrial control systems and critical infrastructure. These IOCs are designed for integration with security monitoring tools, SIEM systems, and threat intelligence platforms.

CISA ICS-CERT STIX Threat Data - ICS and Enterprise Attack Patterns

CISA published a STIX bundle (AA26-097A) containing structured threat intelligence data with attack patterns for Industrial Control Systems (ICS) and enterprise environments. The bundle includes MITRE ATT&CK mapped techniques covering initial access, command and control, data manipulation, and impact vectors relevant to both ICS and enterprise networks.

Iranian APT Actors Exploit Rockwell PLCs Across US Critical Infrastructure

CISA, FBI, NSA, EPA, DOE, and US Cyber Command issued a joint advisory warning that Iran-affiliated APT actors are conducting active exploitation of internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers across U.S. critical infrastructure. The advisory documents malicious interactions with PLC project files and manipulation of HMI and SCADA displays causing operational disruptions and financial losses in Water, Energy, and Government Services sectors. Agencies recommend immediate review of provided IOCs and implementation of specific mitigations including network isolation of OT devices.

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

CISA, FBI, NSA, EPA, DOE, and US Cyber Command issued a joint cybersecurity advisory on April 7, 2026 warning that Iranian-affiliated APT actors are conducting active exploitation targeting internet-facing OT devices including Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs) across U.S. critical infrastructure. The advisory covers Water and Wastewater Systems and Energy sectors, providing TTPs, IOCs, and specific mitigations including removing PLCs from direct internet exposure and monitoring OT-specific ports.

Critical CVSS 8.8 Vulnerabilities Expose SQL Credentials in Mitsubishi Electric GENESIS64 and ICONICS Suite

CISA ICS-CERT issued advisory ICSA-26-097-01 disclosing two critical vulnerabilities (CVE-2025-14815, CVE-2025-14816) with CVSS 8.8 score in Mitsubishi Electric GENESIS64 and ICONICS Suite products affecting versions 10.97.3 and below. The vulnerabilities stem from cleartext storage of SQL Server credentials in local SQLite cache files, potentially allowing local attackers to obtain plaintext credentials and access, tamper with, or destroy data.

Tow Truck Driver Brett David Shearer Disqualified for 3 Years

NSW Fair Trading has disciplined tow truck driver Brett David Shearer by reprimanding him and disqualifying him from holding a tow truck licence or driver's certificate for 3 years. The action follows Shearer's guilty plea to two offences: intimidation with intent to cause fear, and larceny involving theft of 5 sets of car keys in connection with his tow truck business. NSW Fair Trading determined Shearer is no longer a fit and proper person to hold a Tow Truck Drivers Certificate.

CfI: Advanced Connectivity Technologies (ACT): Call 1 - £15M Funding

UKRI and Innovate UK have opened a £15 million funding opportunity for UK registered organisations to develop near-term, testable connectivity solutions advancing the UK's Secure and Resilient and Sustainable Network Grand Challenges. This is the first call under the CfI: Advanced Connectivity Technologies programme. Individual awards can reach up to £2 million, with a closing date of 3 June 2026.

Particle Physics Experiment Consolidated Grants 2026 - Pre-announcement

UKRI/STFC has issued a pre-announcement for the Particle Physics Experiment Consolidated Grants 2026. The funding opportunity opens 27 April 2026 and closes 2 July 2026. The grant period runs 1 October 2027 to 30 September 2029 (24 months). STFC will fund 80% of Full Economic Cost. This grant round extends the 2024 consolidated grants and covers the remaining two years of the award cycle.

Chase Romine v. Shayla Geene West - Domestic Violence Order Appeal

The Kentucky Court of Appeals vacated and remanded a Domestic Violence Order entered by Jefferson Circuit Court against Chase Romine (Case No. 2025-CA-0291-ME). The appellate court found the family court erred in its proceedings but reviewed the merits of the case despite the appellee's failure to file a brief. The original DVO was based on allegations of harassing text messages and threats against a minor child.

Soufiane Fajjaji v. Jennifer Fajjaji - Domestic Violence Order Affirmed

The Kentucky Court of Appeals affirmed a Jefferson Circuit Court domestic violence order entered on behalf of two minor children (K.F., born 2017, and A.F., born 2020). The case arose from cross-petitions filed by both parents after injuries to the younger child were observed. The family court had appointed an attorney to represent the children's interests and conducted an evidentiary hearing before issuing the DVO. The appellate court upheld the lower court's ruling without finding reversible error.