Technology

US cybersecurity agency issues an urgent alert as Iranian hackers attack critical infrastructure — CISA guidance warns organizations to immediately shield certain programmable logic controllers from the internet to thwart future attacks

Source

Tom's Hardware

Published

Apr 10, 2026

TL;DR

AI Generated

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning organizations about Iranian hackers targeting critical American infrastructure, particularly programmable logic controllers used in water and energy companies. The guidance advises organizations to shield these controllers from direct internet exposure to prevent future attacks. The alert, following recent Iran-U.S. tensions, highlights the risk to critical infrastructure and recommends steps like auditing access logs and limiting public-facing internet access to vulnerable hardware. The threat is serious enough that multiple U.S. agencies are involved in warning organizations at risk, emphasizing the importance of securing systems against cyber threats from nations like Iran.

Read Full Article

The Download: Trump’s new AI order, and smart glasses for warfare

President Trump signed a new AI order focusing on innovation and security, introducing a voluntary review system for tech companies to share models with the government before release. Meanwhile, defense-tech company Anduril is developing smart glasses for warfare with Meta, envisioning drone strike orders via eye-tracking and voice commands. SpaceX plans to raise $75 billion in an IPO, Meta scales back worker tracking for AI training, and Microsoft launches a new AI assistant. Additionally, concerns arise about AI's impact on mathematics, surveillance, and cybersecurity.

MIT Technology Review•

8 hours ago

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

President Trump has signed an executive order requiring AI companies to provide the government with early access to their most advanced models for up to 30 days before public release. This voluntary framework includes a classified benchmark to determine which models qualify for review. The order tasks agencies like the NSA and CISA with creating the benchmark and selecting trusted partners for review. The directive also establishes an "AI cybersecurity clearinghouse" to coordinate vulnerability scanning and patch distribution. Critics raise concerns about potential government interference in deciding who gains early access to powerful AI models.

Tom's Hardware•

8 hours ago

MIT Technology Review

The Download: AI can run your admin department now

AI is increasingly taking on basic administrative tasks for small businesses, from organizing notes to invoicing and social media planning. Anthropic has confidentially filed for an IPO ahead of OpenAI, aiming to go public this fall. The EU may exclude US cloud giants like Amazon, Microsoft, and Google from critical contracts to reduce dependence on US tech. Florida has become the first state to sue OpenAI over alleged child safety risks related to ChatGPT. Hackers exploited Meta AI to steal Instagram accounts, highlighting the risks of offloading support to AI.

MIT Technology Review•

1 day ago

Dozens of Red Hat packages backdoored through its official NPM channel

Red Hat's official NPM accounts were compromised, leading to the distribution of a malicious worm that steals sensitive credentials across machines. The attack targeted the @redhat-cloud-services channel, a trusted source for Red Hat packages, affecting over 30 packages. The malware collects credentials during the npm install process and spreads by republishing infected packages to other accounts. Organizations are advised to consider systems that installed the affected packages as potentially compromised, as the payload executes during installation, not runtime use. The malware encrypts and sends credentials through web requests, with a fallback option to publish data to compromised GitHub repositories.

Ars Technica•

2 days ago

The Download: Trump’s new AI order, and smart glasses for warfare

MIT Technology Review•

8 hours ago

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

Tom's Hardware•

8 hours ago

MIT Technology Review

The Download: AI can run your admin department now

MIT Technology Review•

1 day ago

Dozens of Red Hat packages backdoored through its official NPM channel

Ars Technica•

2 days ago

US cybersecurity agency issues an urgent alert as Iranian hackers attack critical infrastructure — CISA guidance warns organizations to immediately shield certain programmable logic controllers from the internet to thwart future attacks

TL;DR

Similar Articles

The Download: Trump’s new AI order, and smart glasses for warfare

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

The Download: AI can run your admin department now

Dozens of Red Hat packages backdoored through its official NPM channel

We use cookies

US cybersecurity agency issues an urgent alert as Iranian hackers attack critical infrastructure — CISA guidance warns organizations to immediately shield certain programmable logic controllers from the internet to thwart future attacks

TL;DR

Similar Articles

The Download: Trump’s new AI order, and smart glasses for warfare

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

The Download: AI can run your admin department now

Dozens of Red Hat packages backdoored through its official NPM channel