https://www.otbriefing.comIndependent intelligence platform for European OT and ICS cybersecurity.enhttps://www.otbriefing.com/posts/2026-05-18-abb-optimax-auth-bypass-azure-ad-sso-7duihttps://www.otbriefing.com/posts/2026-05-18-abb-optimax-auth-bypass-azure-ad-sso-7duiFri, 15 May 2026 12:58:02 GMTCVE-2025-14510 in ABB Ability OPTIMAX allows full authentication bypass when Azure Active Directory SSO is enabled, with no fix available for version 6.1 or 6.2 - part of a six-advisory ABB batch published 30 April 2026 affecting EU water and energy operators.https://www.otbriefing.com/posts/2026-05-18-siemens-six-critical-ot-patches-plr1https://www.otbriefing.com/posts/2026-05-18-siemens-six-critical-ot-patches-plr1Thu, 14 May 2026 04:46:24 GMTSiemens issued six security advisories affecting critical OT infrastructure, highlighting accelerating patch burdens under NIS2 vulnerability management obligations.https://www.otbriefing.com/posts/2026-05-18-abb-optimax-azure-ad-bypass-risk-i9hthttps://www.otbriefing.com/posts/2026-05-18-abb-optimax-azure-ad-bypass-risk-i9htWed, 13 May 2026 08:00:14 GMTCVE-2025-14510 enables complete authentication bypass in ABB OPTIMAX systems using Azure AD integration, demonstrating cloud identity risks in OT environments.https://www.otbriefing.com/posts/2026-05-18-sicam-a8000-cpci85-path-traversal-ssa-770890-s2o0https://www.otbriefing.com/posts/2026-05-18-sicam-a8000-cpci85-path-traversal-ssa-770890-s2o0Wed, 13 May 2026 06:31:21 GMTSSA-770890 discloses a path traversal flaw in CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 substation RTUs; exposure depends on debug support activation state, making configuration audit the first step before patching.https://www.otbriefing.com/posts/2026-04-29-ai-assisted-reconnaissance-monterreyhttps://www.otbriefing.com/posts/2026-04-29-ai-assisted-reconnaissance-monterreySat, 02 May 2026 08:00:00 GMTA Mexican water utility disclosed eleven days of read-only access enabled by LLM-assisted reconnaissance. European sectoral SOCs face the same threat class within months. Behavioral baselines tuned to manual probing no longer detect the new tempo.https://www.otbriefing.com/posts/2026-04-22-schneider-modicon-cve-2026-3041https://www.otbriefing.com/posts/2026-04-22-schneider-modicon-cve-2026-3041Sun, 26 Apr 2026 07:30:00 GMTSchneider Electric disclosed a CVSS 9.8 pre-authentication remote code execution flaw in Modicon M340 and M580 PLCs on 22 April. Working exploit code appeared seventy-two hours later. EU operators should patch within fourteen days, not the ninety-day cycle NIS2 minimum language permits.https://www.otbriefing.com/posts/2026-04-18-ransomware-eu-water-h1-2026https://www.otbriefing.com/posts/2026-04-18-ransomware-eu-water-h1-2026Wed, 22 Apr 2026 09:00:00 GMTSix European water utilities disclosed ransomware between January and mid-April 2026, against three in the same period of 2025. The doubling reflects three distinct criminal ecosystems pivoting toward critical infrastructure with operational impact pricing in their negotiation logic.https://www.otbriefing.com/posts/2026-04-10-nis2-article-21-implementation-patternshttps://www.otbriefing.com/posts/2026-04-10-nis2-article-21-implementation-patternsWed, 15 Apr 2026 08:30:00 GMTQ1 2026 NIS2 Article 21 audits across nine EU member states surfaced three implementation patterns: supply-chain flow-down versus technical validation, encryption-at-rest scope, and governance documentation depth. The divergences will narrow with ENISA Q4 guidance.https://www.otbriefing.com/posts/2026-04-03-siemens-simatic-s7-1500-firmware-2026-q2https://www.otbriefing.com/posts/2026-04-03-siemens-simatic-s7-1500-firmware-2026-q2Wed, 08 Apr 2026 07:00:00 GMTSiemens ProductCERT released the Q2 2026 firmware bundle for SIMATIC S7-1500 controllers, containing five CVEs from CVSS 5.4 to 8.2. None are pre-authentication remote code execution. Thirty-day deployment window with internet-reachable units prioritized.