Latest Internet & Cybersecurity News
Iran suspected in cyber breach of US gas station tank-monitoring systems
US officials suspect Iranian hackers may be behind intrusions targeting automatic tank gauge systems used to monitor fuel levels at gas stations across multiple US states. Investigators say the systems were exposed online with weak or no password protection, and the incidents did not affect actual fuel quantities, though they could have operational and safety implications.
IRDAI orders insurers to review cybersecurity against AI-driven threats
India’s insurance regulator has directed insurers’ CISOs to immediately assess cybersecurity preparedness against frontier AI-related cyber risks and submit an Action Taken Report by May 22, 2026. The directive follows rising concern that advanced AI could amplify attacks, while CERT-In has also warned about critical vulnerabilities in widely used enterprise systems.
US fuel-storage cyber probe highlights exposed industrial systems
A CNN-reported investigation into gas-station fuel-monitoring intrusions underscores how internet-facing industrial control systems can be vulnerable when left exposed online. Officials warned that attackers could potentially hide fuel leaks or disrupt monitoring, even if no physical damage has been reported.
Iran-linked hacking raises concerns over critical infrastructure targeting
The suspected involvement of Iranian-linked actors in the US gas-station incident fits a broader pattern of state-linked cyber activity against energy and infrastructure targets. Researchers note that the attack surface remains broad because many operational systems still rely on weak security configurations.
Industry coalition calls for whole-of-nation response to AI cyber risks
A broad coalition of industry groups is pushing for a coordinated national approach to manage cybersecurity threats created by AI capabilities. The proposal reflects growing concern that AI could lower the barrier for sophisticated attacks and accelerate both scale and speed of cyber operations.
EU privacy and cybersecurity agenda continues to expand in 2026
European regulators are advancing a wide range of digital governance measures, including cybersecurity-related guidance and enforcement themes tied to the GDPR, DSA, DMA, and AI Act. Recent updates also point to increasing scrutiny of cloud security standards, age verification, and coordinated enforcement across the EU.
BSI updates cloud-security catalogue to strengthen provider standards
Germany’s BSI has released a new version of its cloud-security catalogue, updating a key security framework for cloud providers. The changes are part of a broader European push to raise baseline cyber resilience and improve trust in cloud infrastructure.
France’s CNIL sets 2026 guidance roadmap including cybersecurity
CNIL’s 2026 roadmap includes upcoming guidance on AI, health data, consent, access rights, and cybersecurity. The work program shows that privacy regulators are increasingly treating cyber resilience as inseparable from data protection and governance obligations.
Dutch AP begins preventive inspections of ICT suppliers
The Netherlands’ AP has introduced preventive inspections of ICT suppliers as part of a broader cyber-risk supervision strategy. The move signals tighter oversight of third-party technology providers that support regulated and data-sensitive organizations.
Poland’s revised cybersecurity framework enters into force
Poland’s updated cybersecurity framework has taken effect, activating the first compliance deadlines for entities covered under NIS 2 transposition. This is a major step in tightening critical-infrastructure security obligations across the country.
Gunra ransomware expands its RaaS operations
Gunra ransomware has rapidly evolved from a new threat into a broader ransomware-as-a-service operation, reportedly impacting dozens of organizations in under a year. Its expansion highlights the ongoing professionalization of cybercrime and the continued pressure on enterprise defenders.
Critical vulnerabilities remain a major concern for enterprises
Alongside threat activity, defenders are being warned about serious vulnerabilities in enterprise systems, including widely deployed SAP products used by banks, insurers, and large corporates. These flaws reinforce the need for rapid patching, monitoring, and stronger incident response planning.