The story that should not get buried under this week's patch pile is a quiet one from the ICS/OT section: attackers used #Claude and #ChatGPT to assist an intrusion into a water utility in Monterrey. The OT #breach ultimately failed — but that's almost beside the point. What the Dragos report actually documents is AI being used as a competent recon assistant: autonomously identifying a vNode SCADA/IIoT interface, recommending a password-spray attack, and generating a Python toolkit on the fly. No novel exploit. No nation-state budget. Just patience and a chat window.

This is the part of the AI-in-security conversation that tends to get lost between the breathless vendor marketing and the "fully autonomous AI attacks are not yet observed" reassurances. The threat doesn't need to be autonomous to be meaningful. Lowering the reconnaissance floor — making #OT infrastructure more legible to attackers who previously lacked the domain knowledge to navigate it — is already a significant capability shift. The Monterrey incident didn't succeed. The next one will be run by someone who learned from it.

→ Week #19/2026 also covers: A 64-day cPanel zero-day window, #ShinyHunters hits an ed-tech giant, and Europe blocks #Huawei from its solar grid.

Full issue https://infosec-mashup.santolaria.net/p/infosec-mashup-19-2026-offense-just-got-a-co-pilot

If you find it useful, subscribe to get it in your inbox every weekend #infosecMASHUP #cybersecurity #infosec #threatintel #AI