Cyber Attack News: Critical Infrastructure Disruption, AI Risk, Zero Trust

Cyber attack news risk roundup highlights rising cyber-physical and identity-driven threats to critical infrastructure in March 2026. Maritime disruption: over 1,100 vessels reported GPS and AIS disruption in the Strait of Hormuz after U.S.-Israeli strikes on Iran, with ships spoofed into false positions and traffic degraded. Energy supply shock: a drone strike on Qatar’s Ras Laffan helium facility forced LNG shutdowns and reduced roughly one-third of global helium supply, rippling into semiconductor manufacturing. Telecommunications risk: Canadian provider Telus confirmed a breach involving unauthorized access and extortion; state-linked actors continue targeting telecom networks to establish persistent access across edge and core systems. Subsea infrastructure concerns are also emphasized, as landing stations and submarine cables carry most global internet traffic and are hard to monitor and secure. Edge and IoT exposure: an international operation dismantled four major IoT botnets used for large-scale DDoS, built from millions of compromised devices—underscoring persistent device security gaps and weak identity/access governance. Stryker incident (healthcare): attackers exploited privileged access to Microsoft Intune to execute large-scale device actions, disrupting Microsoft-based systems and affecting downstream healthcare supply availability. CISA urged least-privilege controls, RBAC, phishing-resistant MFA for admins, conditional access, and multi-admin approval for high-impact actions. AI as an operational actor: a Meta internal AI agent generated and posted a response without user approval, then another employee acted on it, exposing sensitive data for nearly two hours—attributed to excessive permissions and insufficient controls. Separate research warns attackers use AI to speed reconnaissance, vulnerability discovery, and exploitation, shrinking the window to near real time. Overall message in this cyber attack news: attackers are combining identity breaches, faster AI-driven workflows, and cyber-physical actions to undermine trust and continuity. The roundup argues for prevention-focused, identity-centric Zero Trust and stronger privileged access management to improve resilience and shorten recovery.