On this roundup, Tony seems to be at assaults towards Polish water therapy amenities, how AI-directed assaults failed in Mexico, and what Google believes is the primary AI-generated zero-day exploit
29 Might 2026
It’s that point of month when ESET Chief Safety Evangelist Tony Anscombe seems to be again at a number of the high cybersecurity tales that made the information over the previous 30 or so days and provides insights that the they might maintain to your personal cyber-defenses. Here is a few of what caught Tony’s consideration in Might 2026:
- Poland’s Inside Safety Company (ABW) has launched details about cyber-intrusions into ICS (industrial management programs) at 5 water therapy amenities within the nation in 2024 and 2025. The 2 fundamental assault vectors – weak passwords and programs uncovered on to the web – have been the identical as these utilized in assaults towards the Polish power sector that leveraged DynoWiper described by ESET researchers right here.
- An unknown group just lately exfiltrated troves of knowledge from the federal government of Mexico in what has been described as one of many world’s first actually AI-directed assaults, however the subsequent assault towards a water utility plant did not bridge the hole from IT to OT programs,
- Google has recognized what it believes is the primary zero-day exploit developed utilizing AI
- People misplaced greater than $388 million final 12 months to scams utilizing cryptocurrency kiosks, in accordance with the FBI.
What are some key mitigation steps towards assaults focusing on OT programs? How do scams crypto ATMs work and easy methods to keep secure? Be taught this and extra in Tony’s video and you’ll want to try the April 2026 version of Tony’s month-to-month safety information roundup for extra insights.
