On this roundup, Tony seems at assaults towards Polish water remedy services, how AI-directed assaults failed in Mexico, and what Google believes is the primary AI-generated zero-day exploit
29 Might 2026
It’s that point of month when ESET Chief Safety Evangelist Tony Anscombe seems again at a few of the high cybersecurity tales that made the information over the previous 30 or so days and affords insights that the they could maintain to your personal cyber-defenses. This is a few of what caught Tony’s consideration in Might 2026:
- Poland’s Inner Safety Company (ABW) has launched data about cyber-intrusions into ICS (industrial management methods) at 5 water remedy services within the nation in 2024 and 2025. The 2 major assault vectors – weak passwords and methods uncovered on to the web – have been the identical as these utilized in assaults towards the Polish power sector that leveraged DynoWiper described by ESET researchers right here.
- An unknown group lately exfiltrated troves of information from the federal government of Mexico in what has been described as one of many world’s first really AI-directed assaults, however the subsequent assault towards a water utility plant did not bridge the hole from IT to OT methods,
- Google has recognized what it believes is the primary zero-day exploit developed utilizing AI
- People misplaced greater than $388 million final 12 months to scams utilizing cryptocurrency kiosks, in response to the FBI.
What are some key mitigation steps towards assaults concentrating on OT methods? How do scams crypto ATMs work and find out how to keep secure? Study this and extra in Tony’s video and you should definitely try the April 2026 version of Tony’s month-to-month safety information roundup for extra insights.
