Practical thinking on security and governance.

Live threats, compliance deadlines, and field notes from our audits — written for operators, not auditors.

Threat Intelligence

Latest Threats & CVEs

The vulnerabilities and active exploits our team is tracking this week, ranked by real-world impact on manufacturing environments.

Critical · CVSS 9.8 Updated 2 days ago

CVE-2026-31204 — Ivanti Endpoint Manager RCE

An unauthenticated remote code execution flaw in a widely deployed endpoint management agent, already seen exploited against mid-sized manufacturers running unpatched agents on the shop floor.

Remote Code Execution Endpoint Management Actively Exploited
Critical · CVSS 9.1 Updated 4 days ago

CVE-2026-27890 — Fortinet SSL-VPN Auth Bypass

An authentication bypass in a popular SSL-VPN appliance used by SMEs for remote plant access, allowing attackers to reach internal ERP and SCADA segments without valid credentials.

Auth Bypass VPN / Remote Access Patch Available
High · CVSS 8.2 Updated 6 days ago

CVE-2026-19045 — Legacy PLC Firmware Weak Auth

Hardcoded and weak default credentials on a common line of industrial PLCs still deployed across auto-component and engineering-goods plants, enabling unauthorized configuration changes.

ICS / SCADA Weak Credentials Mitigation Only
High · CVSS 7.9 Updated 1 week ago

CVE-2026-22417 — Tally/ERP Add-on SQL Injection

A SQL injection vulnerability in a widely used third-party ERP add-on module, letting an attacker with network access dump vendor, payroll, and pricing data undetected.

SQL Injection ERP Patch Available
Medium · CVSS 6.5 Updated 1 week ago

CVE-2026-20388 — DVR/NVR Default Credential Exposure

Internet-facing CCTV recorders shipped with unchanged default logins continue to be scanned and compromised en masse, often used as a pivot point into the wider office network.

CCTV / DVR Default Credentials Internet-Facing
Medium · CVSS 5.9 Updated 2 weeks ago

CVE-2026-18022 — Phishing Kit Targeting MSME Invoicing

A commodity phishing kit impersonating logistics and customs-clearance invoices is circulating specifically against Indian export-oriented manufacturers this quarter.

Phishing Business Email Compromise Awareness Training

Illustrative summary based on our current tracking — ask us for a tailored exposure check against your specific systems.

Compliance Calendar

Important Deadlines

Key dates for ISO 27001 certification cycles and DPDP Act compliance that manufacturing SMEs should be planning around.

Ongoing
DPDP Act

DPDP Rules rollout & compliance window

The DPDP Act 2023's rules are being phased in, with graded compliance timelines for consent management, breach notification, and data fiduciary obligations. Manufacturers processing worker biometrics or customer data should not wait for the final deadline to start.

Annual
ISO 27001

Surveillance audit (Year 1 & Year 2)

Every certified organization must pass a surveillance audit in each of the two years following initial certification, or risk suspension of the certificate. We recommend starting internal review 8–10 weeks before the scheduled date.

Every 3 Years
ISO 27001

Recertification audit

Full ISMS recertification is required every three years. Plants that treat this as a fresh certification — rather than a renewal — consistently pass with fewer nonconformities.

Quarterly
Internal Audit

ISMS internal audit cadence

Annex A and clause 9.2 expect a documented internal audit program; most SMEs run this quarterly across rotating control domains rather than all at once before the external audit.

72 Hours
DPDP Act

Data breach notification window

Once finalized rules take effect, significant personal data breaches will need to be reported to the Data Protection Board within a strict window — having an incident response plan ready in advance is not optional.

Dates reflect typical certification-cycle cadence and the current state of DPDP rulemaking; we'll confirm exact dates that apply to your certificate and data operations on a call.

This Week

Latest Cybersecurity News

What's happening in the wider security and compliance world, filtered for relevance to manufacturers.

Regulation

DPDP Act draft rules move closer to enforcement

Draft rules under India's DPDP Act continue to work through public consultation, with data fiduciaries expected to move on consent notices and grievance mechanisms well ahead of formal enforcement.

Policy Watch
Ransomware

Manufacturing remains the most-targeted sector for ransomware

Industry reporting continues to show manufacturing near the top of ransomware target lists, largely due to low tolerance for production downtime and inconsistent patching on legacy shop-floor systems.

Industry Report
Standards

ISO/IEC 27001:2022 transition deadline has passed

Organizations still certified against the 2013 version of ISO 27001 are past the transition deadline; certificates not upgraded to the 2022 revision are no longer valid for new business tenders requiring the standard.

Standards Body
Supply Chain

Third-party ERP and vendor-portal breaches on the rise

A growing share of incidents affecting SMEs originate through a compromised vendor or logistics partner's portal rather than a direct attack, underscoring the need for vendor risk assessment as part of ISMS scope.

Threat Report
Workforce

CERT-In advisories increasingly cite phishing as initial access

Recent advisories continue to flag targeted phishing — often disguised as invoices, shipping documents, or statutory notices — as the most common way attackers first get into Indian mid-market networks.

CERT-In
Cyber Insurance

Insurers now asking for proof of controls before renewal

Cyber insurance underwriters are increasingly requiring evidence of basic controls — MFA, patch cadence, backup testing — before renewing or pricing policies, mirroring what an ISO 27001 audit already checks.

Insurance Desk

Curated summary, refreshed periodically — not a live feed. Ask us on WhatsApp for the full source links behind any item.

Latest Articles

Frameworks, field notes & findings

Tap any topic to read the full breakdown.

Resources

Frequently asked questions

Select checklists and templates are available to clients as part of an active engagement. Reach out via the contact page for access.

Yes — we run tailored workshops on secure development practices, incident response tabletop exercises, and compliance awareness.

We refresh this section on a rolling basis based on what we're actually seeing in client engagements and public advisories. For a live, systemwide check against your exact software versions, ask us for a free security health check.

Have a specific governance question?

Our advisory desk answers scoped questions within one business day.