Daily OT Security News: May 23, 2026

As the OT, IoT, and ICS security landscape evolves rapidly in 2026, organizations continue to face sophisticated threats targeting critical infrastructure and connected devices. From vulnerabilities in robotic systems to persistent risks in water utilities and legacy network gear, attackers exploit both cutting-edge and longstanding weaknesses. Staying informed and proactive in patching and defense strategies remains essential to safeguarding operational environments against disruption and compromise.

Critical Command Injection Flaw in Universal Robots PolyScope 5 Puts OT Cobots at Risk

A critical command injection vulnerability (CVE-2026-8153, CVSS 9.8) in Universal Robots’ PolyScope 5 Dashboard Server allows unauthenticated attackers to execute arbitrary commands on robotic systems used in manufacturing, logistics, healthcare, and automotive sectors. This flaw enables remote code execution without credentials, risking production shutdowns, ransomware deployment, and manipulation of robotic precision—including disabling safety logic protecting human workers. Universal Robots released a patch in version 5.25.1, and CISA issued advisory ICSA-26-134-17 to raise awareness.

Source: Dark Reading

Kaspersky Reveals Unpatchable BootROM Vulnerability in Qualcomm Chips Affecting IoT and Industrial Equipment

Kaspersky ICS CERT disclosed CVE-2026-25262, a write-what-where flaw in the BootROM of numerous Qualcomm chips (including MDM9x07, MDM9x45, MSM8916, and SDX50) embedded in IoT modules, industrial devices, healthcare systems, and automotive units. Because the vulnerability resides in immutable silicon, existing devices cannot be patched, leaving them exposed to persistent malware implants if attackers gain brief physical USB access. Qualcomm included this issue in its May 2026 security bulletin, with remediation limited to future chip revisions.

Source: Kaspersky

GAO Testifies Before Congress: U.S. Water and Wastewater Systems Face Persistent Cybersecurity Threats

The U.S. Government Accountability Office reported to Congress that nearly 170,000 water and wastewater systems confront growing cybersecurity risks due to the integration of OT with internet-connected devices. The GAO highlighted EPA’s limited authority to require risk assessments and pointed to workforce gaps, aging infrastructure, and budget constraints as barriers to improved security. These vulnerabilities leave critical water infrastructure increasingly susceptible to ransomware and nation-state attacks.

Source: GAO

Germany Becomes Focal Point of DACH Ransomware Surge as Cyberattacks Rise 124% in 2025

Research from Check Point Software Technologies reveals a 124% increase in cyberattacks across Germany, Austria, and Switzerland in 2025, with Germany accounting for over 80% of incidents in the DACH region. Financially motivated ransomware groups such as Akira, Qilin, and Safepay exploited weak authentication and exposed remote services, while geopolitical hacktivist groups like NoName057(16) intensified attacks against OT-critical sectors. This convergence underscores the complex threat environment facing European industrial infrastructure.

Source: Industrial Cyber

RondoDox Botnet Exploits Nearly Decade-Old Flaw in Asus Routers to Compromise IoT Infrastructure

The newly discovered RondoDox botnet is actively exploiting CVE-2018-9285, a nearly eight-year-old vulnerability in Asus routers, marking the first known in-the-wild exploitation of this flaw. Targeting network edge devices common in industrial and enterprise environments, the botnet leverages compromised routers to move laterally into connected OT and IoT networks. This campaign highlights the ongoing risks posed by unpatched legacy devices and the critical need for robust firmware lifecycle management.

Source: GovInfoSecurity

As threats continue to evolve and diversify, maintaining vigilance through timely patching, comprehensive monitoring, and rigorous security practices is crucial. Protecting OT, IoT, and ICS environments demands constant attention to emerging vulnerabilities and proactive defense strategies to secure critical infrastructure and connected devices.
