On this roundup, Tony appears to be like at assaults towards Polish water remedy services, how AI-directed assaults failed in Mexico, and what Google believes is the primary AI-generated zero-day exploit
29 Might 2026
It’s that point of month when ESET Chief Safety Evangelist Tony Anscombe appears to be like again at among the high cybersecurity tales that made the information over the previous 30 or so days and affords insights that the they could maintain to your personal cyber-defenses. This is a few of what caught Tony’s consideration in Might 2026:
- Poland’s Inside Safety Company (ABW) has launched info about cyber-intrusions into ICS (industrial management programs) at 5 water remedy services within the nation in 2024 and 2025. The 2 important assault vectors – weak passwords and programs uncovered on to the web – had been the identical as these utilized in assaults towards the Polish power sector that leveraged DynoWiper described by ESET researchers right here.
- An unknown group not too long ago exfiltrated troves of information from the federal government of Mexico in what has been described as one of many world’s first really AI-directed assaults, however the subsequent assault towards a water utility plant did not bridge the hole from IT to OT programs,
- Google has recognized what it believes is the primary zero-day exploit developed utilizing AI
- People misplaced greater than $388 million final yr to scams utilizing cryptocurrency kiosks, based on the FBI.
What are some key mitigation steps towards assaults focusing on OT programs? How do scams crypto ATMs work and how you can keep secure? Be taught this and extra in Tony’s video and make sure to take a look at the April 2026 version of Tony’s month-to-month safety information roundup for extra insights.
