Cybersecurity and Infrastructure Security Agency (CISA)

Internet concentration risk

Reviewing February 2026 incident as critical infrastructure matter

On February 16, 2026, a misconfigured routing update at Cloudflare's Ashburn data center cascaded across the internet, taking down X for three hours and degrading AWS's largest region. Thousands of other websites went down too. The error took 40 minutes to identify but four hours to fix because corrupted routing tables spread to upstream providers.

Updated 4 hours ago

Microsoft's ongoing battle against zero-day exploits

Rule Changes

Tracking and mandating remediation of exploited vulnerabilities

Microsoft released its February 2026 Patch Tuesday update fixing 58 security flaws, including six zero-day vulnerabilities already being exploited; the most severe bypasses Windows SmartScreen, tricking users into running malicious software without warnings. CISA added all six to its Known Exploited Vulnerabilities catalog, giving federal agencies until March 3, 2026 to patch.

Updated 2 days ago

Microsoft flips the security switch

Rule Changes

Driving industry-wide secure-by-design adoption

On January 12, 2026, millions of Teams users woke up to find their security settings had changed overnight. Microsoft activated weaponizable file blocking, malicious URL detection, and phishing protections across every organization still using default configurations—no administrator approval required. Days earlier, it had expanded Zero-Hour Auto Purge malware removal to all Defender for Office 365 Plan 1 customers. These moves are part of Microsoft's $34 billion bet on 'secure by default' security, following Russian and Chinese attacks on its networks in 2023.

Updated May 20

China's silent invasion: hackers embedded in America's critical infrastructure

Force in Play

Lead agency for critical infrastructure cybersecurity defense

Chinese hackers have burrowed deep into America's power grids, water systems, telecommunications networks, and transportation infrastructure—not to steal secrets, but to flip a kill switch. The Pentagon's December 2024 report confirms Beijing expects to fight and win a war over Taiwan by 2027.

Updated May 16

Russia's Sandworm unit wages five-year shadow war on Western energy grid

Force in Play

Coordinating defense against Russian infrastructure targeting

From 2021 to 2025, Amazon exposed that Sandworm (GRU Unit 74455)—the team behind NotPetya and Ukraine's grid attacks—had shifted to infiltrating misconfigured devices at Western utilities, energy companies, and security providers. They compromised edge devices, harvested credentials, and penetrated networks across North America and Europe.