Daily OT Security News: May 13, 2026
Welcome to today’s briefing on operational technology (OT) security. This edition covers recent ransomware trends, critical IoT vulnerabilities, new patch advisories, strategic partnerships in the public sector, and advancements in cloud-based OT security platforms. Stay informed on the latest developments impacting industrial control systems and cyber-physical environments.
OT Sector Hit by 2,073 Ransomware Attacks in 12 Months, NCC Group Warns
New analysis released by NCC Group on May 13, 2026, reveals that the industrial sector experienced 2,073 ransomware attacks in the 12 months ending March 2026. This makes OT the most targeted industry every month during that period, accounting for nearly 30% of all ransomware activity. Capital goods manufacturers were the hardest hit, followed by machinery and construction/engineering sub-sectors. NCC Group’s OT Director Ray Robinson emphasized that ransomware disruption extends beyond data loss to potentially halting production, disrupting essential services, and endangering lives. Regulatory bodies in the UK are increasing oversight under the NIS Regulations and Cybersecurity Act, focusing on OT governance, incident reporting, and supply-chain security.
Over 1 Million IoT Baby Monitors and Security Cameras Exposed via Meari Technology Flaws
Security researcher Sammy Azdoufal disclosed three critical vulnerabilities affecting over one million Meari Technology IoT devices including baby monitors and security cameras across 118 countries. The flaws (CVE-2026-33356, CVE-2026-33359, CVE-2026-33362) allowed unauthorized access to live device feeds, motion-alert images stored on Alibaba OSS servers, and involved hardcoded cryptographic keys that cannot be rotated without hardware reflashing. Azdoufal was able to access thousands of sensitive images from inside homes and nurseries. While patches have been issued, the incident highlights ongoing challenges with IoT security, especially regarding whiteboxed products and fragmented vendor accountability.
ICS Patch Tuesday May 2026: Siemens, Schneider Electric, and CISA Issue New Advisories
The May 2026 ICS Patch Tuesday brought new security advisories from Siemens, Schneider Electric, CISA, and CERT@VDE addressing vulnerabilities in widely used industrial control systems. These coordinated disclosures are part of the ongoing monthly ICS advisory cycle aimed at improving OT security in manufacturing, energy, and critical infrastructure sectors. CISA continues to lead vulnerability coordination efforts in the U.S., urging asset owners to promptly review and apply mitigations. The advisories underscore the persistent difficulties of patch management in OT environments due to operational downtime constraints and legacy system dependencies.
Claroty and Carahsoft Partner to Expand CPS Security Across U.S. Public Sector
Claroty and Carahsoft Technology Corp. announced a new distribution partnership on May 12, 2026, to provide Claroty’s cyber-physical systems (CPS) protection platform to U.S. Federal, State, Local, and Education (SLED) agencies. The platform will be available through Carahsoft’s reseller network and the NASPO ValuePoint contract. A recent study cited in the announcement found that while all Federal agencies have initiated CPS security programs, only 36% have full asset visibility and over 60% report expertise gaps. Claroty’s platform offers asset discovery, Zero Trust enforcement, and CMMC compliance support, addressing critical needs as government agencies modernize their OT infrastructure amid increasing cyber threats.
Nozomi Networks OT/IoT Security Platform Now Available on Google Cloud Marketplace
Nozomi Networks announced on May 12, 2026, that its OT, IoT, and CPS security platform is now accessible via the Google Cloud Marketplace. This enables customers to deploy Nozomi Guardian and the Central Management Console directly within their Google Cloud environments. The integration enhances AI-powered continuous monitoring across IT, OT, and IoT systems both on-premises and in the cloud. This move follows Mitsubishi Electric’s acquisition of Nozomi Networks earlier this year and the launch of Vantage IQ, an AI-driven cybersecurity assistant. The availability on Google Cloud reflects growing industry momentum toward cloud-delivered OT security solutions that balance deployment flexibility with robust threat detection.
This briefing is compiled by the Viakoo security team from public sources.
