Cyber·Monitoring
Shai-Hulud Supply-Chain Attack Trojanizes 19 PyPI Packages
PyPI repository (global online service)· Global4 Jun
5 reportsPROPCYCAS
MediumAI Refreshed
ClosedMedium impactAI Generated
CISA Emergency Directive on Actively Exploited Schneider Electric ICS Zero-Day Vulnerability
Detected 24 May 2026Occurrence date not yet established -- showing first detection by the desk.·
🇺🇸 United States; CISA headquarters Washington D.C., with affected infrastructure distributed nationally across energy and water treatment sectors1 reportEnded 29 May 2026
CyberPropertyEnergy
CISA has issued Emergency Directive ED-26-03 addressing a zero-day vulnerability in Schneider Electric industrial control systems deployed in energy and water treatment sectors. Federal agencies have been given 48 hours to apply mitigations. Active exploitation has been confirmed in at least two critical infrastructure sectors, raising significant concerns about cascading impacts to essential services.
AI-generated from linked source reports. See our correction policy.
Impact verdict
Medium impact. MEDIUM: Second-pass historical recalibration. This cyber advisory or vulnerability item is relevant to Cyber and technology-dependent Property/Casualty books, but it does not evidence confirmed insured loss, claims activity, ransomware/business interruption, critical infrastructure outage, or quantified market impact sufficient for HIGH.
View assessment methodologyHow we grade what we know -- Known · Reported · Uncertain. Methodology →
Geographic Zone Matches
1 active match
- TRIA Certified AreasRule-basedConfidence 100%
Geographic zone matches are RiskEvents spatial/analytical indicators, not coverage determinations or Lloyd's official classifications.
Affected countries
🇺🇸 United States
Timeline
Status Change29 May 2026, 12:33
Lifecycle changed
monitoring → closed
Closure29 May 2026, 12:33
Event Closed
Seeded/test data cleanup: synthetic scenario row from 2026-05-24 demo batch; source items have null url/published_at; should not appear in the current public RiskEvents feed.
Status Change29 May 2026, 05:30
Status changed to monitoring
Auto-transitioned: no updates for 6 hours
active → monitoring
Status Change28 May 2026, 22:34
Status changed to active
evidence_trigger: authoritative_fast_track
signal → active
De-escalation25 May 2026, 17:12
Impact changed
high → medium
Initial Detection24 May 2026, 21:40
Initial Detection
CISA has issued Emergency Directive ED-26-03 addressing a zero-day vulnerability in Schneider Electric industrial control systems deployed in energy and water treatment sectors. Federal agencies have been given 48 hours to apply mitigations. Active exploitation has been confirmed in at least two critical infrastructure sectors, raising significant concerns about cascading impacts to essential services.
CISA has issued Emergency Directive ED-26-03 regarding zero-day vulnerability in Schneider Electric industrial control systems used in energy, water treatment. Federal agencies have 48 hours to apply mitigations. Confirmed exploitation in at least two critical infrastructure sectors.
Source: CISA (Official Advisory)
Lloyd's classifications
Tracking this kind of risk? Get an email when Cyber events escalate.
Get alerts