Kategorie
Spain arrests suspected member of pro-Russian hacktivist groups
DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
Hardening Linux KVM Against VM Escape Attacks
Detection-as-Code for Linux: Building Security Rules That Last
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
Envirotech Vehicles Closes Merger with Azio AI Ahead of Schedule, Positioning Combined Company to Capture $487 Billion 2026 AI Infrastructure Opportunity
Revised transaction structure enables immediate closing, accelerating the Company’s strategic pivot toward AI data centers, enterprise GPU compute, and digital power infrastructure.
Envirotech Vehicles, Inc. (NASDAQ: EVTV) (“EVTV” or the “Company”) today announced the successful completion of its merger with Azio AI Corporation (“Azio AI”) on July 2, 2026, paving the way for the Company to transform to an AI Datacenter Provider and meeting the growing market demand for artificial intelligence (“AI”) infrastructure, enterprise GPU compute, digital power solutions, data center development, and digital asset infrastructure; a market that the International Data Corporation (IDC) projects will reach $487 billion in global spending in 2026 and exceed $1 trillion by 2029.[1] The transaction marks a defining milestone in the Company’s strategic transformation and establishes the foundation for its next phase of commercial execution and long-term growth.
The parties amended the proposed transaction structure to expedite the closing timeline, allowing the combined company to begin operating as a fully integrated public company significantly sooner than originally anticipated. The accelerated closing enables management to immediately focus on commercialization across its expanding AI Datacenter strategy.
With the merger complete and the combined company operating as one organization, management is now fully focused on commercial execution, infrastructure deployment, strategic growth initiatives, and creating long-term shareholder value.
Over the past several months, the Company advanced development activities at its South Texas site and deployed six megawatts of off-grid power for its modular data centers. The Company further secured rights to a 548-acre site with the capacity to scale up to 500 MW, supporting the future development of AI hyperscale data centers.
Management believes these achievements demonstrate that the combined company is entering its next phase with meaningful operational momentum already in place rather than beginning from a standing start. Infrastructure deployment is underway, customer commitments have already been established, commercial execution is actively progressing, and the Company’s corporate structure is now aligned with an operating platform built to support long-term expansion.
The completion of the merger comes at a time when investment in AI infrastructure continues to accelerate globally as enterprises increasingly require access to high-performance computing resources, GPU infrastructure, and scalable digital power solutions. Management believes the combined company is well positioned to capitalize on these long-term industry trends through a diversified infrastructure strategy designed to monetize power assets across multiple complementary revenue streams, including AI data centers, enterprise compute infrastructure, power hosting, and digital asset mining operations.
Following the closing of the transaction, the Company intends to continue expanding its AI Infrastructure strategy through AI data center development, enterprise GPU compute solutions, power hosting services, digital asset mining operations, strategic infrastructure investments, and additional commercial partnerships designed to maximize utilization of its power resources while creating multiple long-term revenue opportunities.
In connection with the closing of the merger, Phillip Oldridge has stepped down as Chief Executive Officer. Jason Maddox vacates the President position and is now the Chief Financial Officer. The Company’s Board of Directors appointed Simon Yu as President and Chris Young as Chief Executive Officer, effective immediately.
Mr. Yu is a serial entrepreneur and public markets operator with almost a decade of experience taking companies public, executing capital raises, and scaling businesses. He has previously served in founder, C-suite, and board roles at three publicly traded companies, two of which reached market capitalizations in excess of $1 billion. Mr. Yu has led legal, accounting, and advisory teams through Regulation A+ Tier 2 offerings, PCAOB audits, and public company reporting, alongside leading M&A transactions. As an active early-stage venture investor, he has evaluated investment opportunities across artificial intelligence, SaaS, and B2B technology.
Mr. Young brings extensive experience in launching and leading public companies and investing in and advising emerging technology companies, with a particular focus on artificial intelligence, software innovation, and strategic growth initiatives. Prior to joining EVTV, he served as Chief Executive Officer of Clubhouse Media Group, a publicly traded social media company and an Entrepreneur in Residence at Amplify, where he worked alongside founders and venture-backed technology companies to accelerate commercialization and support the development of high-growth technology businesses.
“Today’s announcement represents far more than the completion of a merger—it marks the beginning of our next chapter,” said Chris Young, Chief Executive Officer of EVTV. “Over the past several months, our teams have been building the operational foundation of this business while simultaneously working toward completing this transaction. With the merger now finalized, we move forward as one company with one leadership team and one strategy, focused on executing against the opportunities in front of us. We believe demand for AI infrastructure, enterprise compute, and digital infrastructure will continue expanding for years to come. Our objective is to build a scalable platform capable of serving that demand while creating long-term value for our shareholders.”
Jason Maddox, Chief Financial Officer of EVTV, added, “Completing this transaction under the amended merger structure allows us to immediately focus on execution. We have already established meaningful operational momentum, and we believe operating as a unified public company enhances our ability to deploy infrastructure, serve customers, pursue strategic growth opportunities, and continue building long-term shareholder value.”
The transaction establishes a unified operating platform designed to support the Company’s long-term growth strategy through continued investment in AI infrastructure, enterprise computing, digital power assets, and digital infrastructure development. Management believes the completion of the merger provides the operational and organizational foundation necessary to pursue the next phase of commercialization while expanding its presence across some of the fastest-growing sectors of the global technology market.
Transaction and Operational Highlights- Successfully completed the merger with Azio AI pursuant to an amended and restated merger agreement.
- Approximately six megawatts of off-grid digital infrastructure deployed at the Company’s South Texas development site.
- Development footprint exceeding 548 acres with the potential to support up to 500 MW of AI infrastructure capacity.
- Combined company positioned to accelerate commercialization across AI infrastructure, enterprise GPU compute, digital power solutions, and digital asset mining operations.
- Merger consideration consisted of 2,655,157 shares of common stock and 973,450 shares of non-voting convertible preferred stock in exchange for 100% of outstanding capital stock of Azio AI, of which 194,807 shares of common stock were reserved for convertible notes of Azio AI assumed by the Company upon closing.
- Each share of preferred stock convertible into 100 shares of Company common stock subject to stockholder approval.
- Chris Young appointed Chief Executive Officer and Chairman of the Board.
- Simon Yu appointed President.
- Jason Maddox appointed Chief Financial Officer.
- Phillip Oldridge stepped down as Chief Executive Officer.
About Envirotech Vehicles, Inc.
Envirotech Vehicles, Inc. (NASDAQ: EVTV) is a technology infrastructure company focused on developing, owning, and operating artificial intelligence data centers, enterprise GPU compute infrastructure, digital power solutions, and digital asset mining operations. Following its acquisition of Azio AI, the Company operates an integrated AI infrastructure business encompassing AI data center development, the sale and distribution of enterprise GPU systems and server infrastructure, high-performance computing solutions, power hosting, and strategic technology investments, serving enterprise and institutional customers across domestic and international markets. Through this diversified AI infrastructure strategy, the Company is positioned to capitalize on the rapidly expanding global demand for AI infrastructure, compute capacity, digital power, and next-generation AI technologies.
For more information please visit: www.azioai.ai and for potential partnerships contact: [email protected]
Forward-Looking Statements
This press release contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. In some cases, you can identify forward-looking statements by words such as “may,” “will,” “could,” “expect,” “anticipate,” “believe,” “estimate,” “project,” “intend,” “continue,” “potential,” “ongoing,” or the negative of these terms or other comparable terminology, although not all forward-looking statements contain these words. Forward-looking statements include statements regarding the Company’s ability to capitalize on accelerating demand for AI infrastructure, enterprise GPU compute, digital power solutions, data center development, and digital asset infrastructure; the Company’s plans to continue expanding its digital infrastructure platform through AI data center development, enterprise GPU compute solutions, power hosting services, digital asset mining operations, strategic infrastructure investments, and additional commercial partnerships; the Company’s ability to maximize utilization of its power resources while creating multiple long-term revenue opportunities; the ability to continue deploying modular digital infrastructure at the Company’s South Texas site; the anticipated deployment and scaling of NVIDIA B200 and B300 GPU systems; the ability to advance and execute against the Company’s commercial infrastructure pipeline; the anticipated development of the Company’s footprint; the ability to monetize power assets across multiple complementary revenue streams, including AI data centers, enterprise compute infrastructure, power hosting, and digital asset mining operations; customer demand for AI infrastructure, enterprise compute, and digital infrastructure; the Company’s ability to build a scalable platform designed to serve that demand and create long-term shareholder value; and the Company’s broader business strategy and long-term growth objectives.
These statements are based on current expectations and assumptions that involve risks and uncertainties that could cause actual results to differ materially. Most of these factors are outside the Company’s control and are difficult to predict. Factors that may affect actual results include, but are not limited to, the Company’s limited operating history within AI infrastructure and compute operations, project scope, engineering challenges, supply chain constraints, installation timelines, energy availability, finalization of site usage rights, regulatory considerations, equipment performance, ability to raise capital required for expansion activities, changes in digital asset markets, evolving compute demand, market conditions, the Company’s ability to successfully integrate the combined business following the completion of the merger, the risk that the anticipated benefits and synergies of the merger are not realized, the risk of unexpected costs, charges, or expenses resulting from or relating to the merger, potential adverse reactions or changes to business relationships resulting from the completion of the merger, risks related to the diversion of management’s attention from ongoing business operations during the post-closing integration period, the risk that required stockholder approval for the conversion of preferred stock issued in the merger as required by rules of The Nasdaq Stock Market LLC (the “Conversion Proposal”) is not obtained, and additional risks and uncertainties described in the Company’s most recent Annual Report on Form 10-K and subsequent Quarterly Reports on Form 10-Q filed with the SEC, which are available at www.sec.gov. The Company undertakes no obligation to update forward-looking statements except as required by law.
Important Information About the Merger and Where to Find it
The Company expects to file a proxy statement with the SEC relating to the Conversion Proposal. The definitive proxy statement will be sent to all Company stockholders. Before making any voting decision, investors and security-holders of the Company are urged to read the proxy statement and all other relevant documents filed or that will be filed with the SEC in connection with the Conversion Proposal as they become available because they will contain important information about the amended and restated merger agreement between the parties and the related transactions and the Conversion Proposal to be voted upon by the Company’s stockholders. Investors and security-holders will be able to obtain free copies of the proxy statement and all other relevant documents filed or that will be filed with the SEC by the Company through the website maintained by the SEC at www.sec.gov.
Participants in the Solicitation
The Company and its directors and executive officers may be considered participants in the solicitation of proxies from EVTV’s stockholders with respect to the Conversion Proposal under the rules of the SEC. Information about the directors and executive officers of EVTV is set forth in its Annual Report on Form 10-K for the year ended December 31, 2025, which was filed with the SEC on April 13, 2026, and in subsequent Quarterly Reports on Form 10-Q and other documents filed by the Company from time to time with the SEC. Additional information regarding the persons who may be deemed participants in the proxy solicitation and a description of their direct and indirect interests, by security holdings or otherwise, will also be included in the proxy statement, and other relevant materials to be filed with the SEC when they become available. You may obtain free copies of these documents as described above.
¹ Source: International Data Corporation (IDC), “AI Infrastructure Spending Caps Historic Year at ~$90 Billion in Q4 2025; 2029 Spending to Eclipse $1 Trillion,” April 16, 2026. The Company has not independently verified the data or projections contained in this report, and there can be no assurance that the projections will be realized.
ContactPhoenix MGMT & Consulting
Webinar tomorrow: Why modern email attacks require a new approach to defense
New Januscape Linux flaw allows VM escape on Intel, AMD devices
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
Talk, talk, talk: The rise of AI dictation tools at work
For workers who routinely spend hours a day interacting with various AI assistants, banging out prompts on a keyboard can quickly become a chore.
“Whether it’s a coding task, helping write a document or think about strategy — there’s just so much typing and typing and typing you do as a part of that,” said Chris Patalano, chief technology officer at Thumbtack, an online marketplace for professional services.
With that in mind, Patalano and other senior colleagues last year began experimenting with new ways to interact with AI systems within Thumbtack. The idea was to test AI-assisted dictation tools developed by startups such as Monologue, Superwhisper, Willow Voice, and Wispr.
Unlike previous generations of dictation apps that aimed to produce a verbatim transcript, newer tools rely on large language models (LLMs) to craft polished, edited text. The companies behind them claim users can produce text several times faster than typing, with greater accuracy than voice tools built into other apps.
That has sparked renewed interest in using voice prompts to carry out routine tasks in the workplace.
After one of Thumbtack’s principal engineers suggested Wispr Flow, Patalano kicked off a small pilot project with a handful of colleagues over a couple of months. The pilot was a success, and Wispr Flow is now available to more than 200 IT and engineering staffers; they use it for a variety of tasks, including interactions with AI assistants and drafting Slack messages to colleagues.
Although Patalano said he still prefers typing for certain apps, Wispr Flow’s AI dictation tool has become a part of his daily workflow. “It’s becoming the primary interface that I have for any AI tools. It’s just so much more effective and efficient than having to type,” he said.
“I’ve used it to help me build prototypes, explore the code base, help me explore my own technical strategy. I’ve used it to do analytics across data sets — even very specific acute things, like ‘What do I need to make sure is on my to-do list this week?’”
A new generation of dictation toolsSoftware that translates spoken words into text isn’t new to the workplace. Speech-to-text dictation tools have been around in various forms for decades. The earliest example dates back to 1952, when Bell Labs created Audrey, widely regarded as the first automatic speech recognition system. (Audrey could recognize the spoken digits 0-9 with 90% accuracy when used by the machine’s developer, HK Davis.)
Commercial products appeared in the 1980s, with broader adoption in the 1990s via software such as Dragon Dictate. These were specialized — and expensive — applications with limited functionality, appealing mostly to professionals for whom dictation was already a part of their workflow, such as doctors and lawyers, rather than a wide range of office workers.
In recent years, speech-to-text software has become more accessible, especially with the integration of speech recognition into smartphones and computers by Apple, Google, Microsoft, and others. Deep learning has also significantly improved accuracy.
That’s made voice input more common in the workplace and an important accessibility tool for people who find typing difficult — even though the systems can still be “quite brittle,” said Benjamin Cowan, professor at the School of Information and Communication Studies at University College Dublin. That’s especially true of early voice input technology.
“Not only did they get things wrong all the time, they wrote everything you said — even if you didn’t want it to,” he said. “This meant that a lot of time was taken editing the notes after they were dictated.”
Now, several startups offering AI dictation tools, including Wispr, aim to make voice a viable alternative to typing for everyday computer tasks. The key difference from earlier iterations of tools is the use of AI models to edit text in near-real-time, removing disfluencies such as “umms,” “ahhs” and filler words to create a polished sentence.
Whispr Flow offers shortcuts, or “snippets” with its voice tool.
Whispr Flow snippets
In most cases, users can invoke an AI dictation tool across mobile and desktop applications with a text field – whether that’s a document editor, email client, a vibe-coding app or anything else – by pressing and holding a designated key or button while talking. Users can add words to the app’s dictionary so it can pick up on uncommon names, abbreviations, and industry jargon.
“The technology itself has improved dramatically” compared to previous tools that sought to transcribe speech verbatim and could be frustratingly inaccurate, said Maria Bell, senior research analyst at CCS Insight.
“These modern systems are much more contextual; they understand your intent, they can help structure your thoughts and rewrite while you speak. They function more like writing assistants rather than just dictation.”
Wispr is among the best-funded startups in the market, having raised $81 million to date. Bloomberg reported in May that the company was in talks to raise a further $260 million at a $2 billion valuation. Other vendors have also attracted investor backing, with Willow Voice announcing a $4.2 million funding round last year.
The software is typically available via a freemium model, with a free tier offering basic functionality and usage limits alongside paid premium versions. Superwhisper Pro is $8.49 per user each month; Willow Voice’s Team Pro and Individual Pro are $10 and $12 per user each month, respectively; and Wispr Flow Pro costs $12 per user each month. Enterprise pricing is not publicly available from these vendors.
Larger tech firms have also invested in AI-assisted voice functionality. Apple, for instance, recently announced AI-powered dictation for its revamped Siri AI assistant, while Google is building in similar functionality for the Gboard keyboard on Android devices. Google is also developing a standalone AI dictation tool – Edge Eloquent – although its approach differs from that of startups in the space because the tool is not available across separate applications.
Why use AI dictation?The key promise of AI dictation is that it can increase a knowledge worker’s words-per-minute (wpm) output versus typing.
According to Superwhisper, most office workers can knock out between 40 and 70 words a minute on a keyboard, though some can be much faster. (New York Times reporters vary from 36 to 134 wpm, according to a Times article earlier this year.) People talk much faster, at a rate of 160 to 180 wpm, and AI dictation app vendors promise low latency processing to turn speech into edited text (usually less than a second; some claim under 200 milliseconds).
It’s not just about speed: Willow Voice, for instance, claims its app is three times more accurate than dictation tools built into other applications.
The prospect of accelerating routine writing and communication tasks has obvious appeal, particularly as AI threatens to increase rather than reduce the burden on office workers. “We all feel like we’re working faster – we have to do more with less time,” said Bell.
“Employees are overloaded with communication work, and they’re spending huge amounts of time every day writing emails, messaging colleagues, using generative AI,” she said. “Voice tools are appealing because some feel they can do wor] faster. It reduces friction around all the tasks they’re being asked to do.”
The technology is potentially suited to a variety of jobs, said Cowan — not only those that require dictation — helping with tasks such as writing to-do lists and documents, or sending messages and emails.
Accessibility is important, too. “These dictation tools also mean that people who find it hard to type or cannot type now have much better apps to help them with writing,” said Cowan.
What’s holding the technology back?Despite these potential benefits, the idea of talking to a laptop or smartphone throughout the day might not be appealing for a lot of people, particularly those in a busy office.
“Some might find it embarrassing or uncomfortable, they’ll be worried about distracting colleagues or creating a disruption,” said Bell. “That’s still a major behavioral barrier that you have to overcome.
“The technology is ready, but maybe workplace etiquette and culture is not necessarily there yet,” she said.
Working remotely, Patalano said he and his team can side-step some of this awkwardness. But it still took time to adjust to voice inputs.
“Because we’re fully remote, we don’t have the challenge of everybody sitting side by side in an office talking into their computers, which would be more challenging, I suspect. But even getting comfortable with talking out loud alone in a room took a minute,” he said.
As with any AI tool, there’s also the question of accuracy.
Even if vendors promise a low error rate, LLM outputs can still have errors, requiring users to check the results. “They can still mis-recognize what’s being said,” said Cowan. Those in high-risk sectors such as healthcare still need to go through the AI-edited text and “double- and triple-check” the dictation.
This friction means extra steps for a user working with the technology.
It doesn’t take much to dissuade workers from adopting a new tool, said Jon Arnold, research analyst at J Arnold & Associates. “There’s definitely a lot of use cases where it would have a lot of value, but you’ve got to trust it — if it’s not giving what you think it will, you’re either going to fine tune it or go back to the keyboard and do it the old-fashioned way,” he said.
There are also privacy concerns. Because some tools send voice data to the cloud for processing, organizations in heavily regulated industries such as finance, healthcare and government might move cautiously.
Bell points to two types of privacy: social, such as “having colleagues overhear what you’re saying,” and digital privacy, which relates to who else can access the conversation data.
App providers take different approaches; some process voice data on device, others send it to the cloud. That’s an important distinction for organizations with strict data protection requirements, said Bell.
“Where’s the voice data processed? Where is it stored? How can it be accessed? Enterprises are very, very focused on governance and data security and data privacy,” she said.
Evan Yang Too soon to ditch the keyboard?Despite growing interest in the technology, it’s still unclear whether a large number of workers will choose talking over typing. And remains to be seen whether startups that offer a best-of-breed AI dictation app can gain traction, or fade if the technology simply becomes embedded within the software ecosystems of larger tech firms.
Workers are more familiar with voice technology, thanks to AI assistants in smartphones and smart speakers at home. That, said Bell, could improve the prospects of wider use in business settings.
“Voice interaction feels less niche than it did about five years ago,” she said. “Overall, the technology is improving quickly…, but how we’re really going to determine success is whether we can change human behavior.”
Arnold is bullish about the use of voice technology in the workplace: “Five or 10 years [from now], we won’t think twice about it. It’ll just be the norm.”
Bell is more cautious.She sees potential for AI dictation as a supplementary tool for communication-heavy work. “I don’t think it’s going to replace the keyboard, but I do think it could become a secondary interface,” she said.
Even Patalano doesn’t expect AI-assisted voice dictation to entirely replace typing “Your speaking voice and your written voice will always, to some degree, be different, and that’s okay: we should probably lean into that,” he said.
“I think there will always be a place for wordsmithing, crafting, writing – and the same with coding, too. There’s going to be lots of cases where every single word matters.”
He plans to continue using AI dictation, whether with Wispr Flow or other similar tools that might emerge in the future.
While a lack of accuracy slowed adoption in the past, continued advances could open the door to wider workplace uptake.
“When I try to use a voice tool and it misses even once, you kind of throw up your hands and walk away, because the cost of having to correct it is way more than the benefit of using it versus typing,” Patalano said. “But, especially with the improvements in LLMs and AI models generally, the accuracy of these is going to keep getting better and better.
“I’m already looking for more and more opportunities to use voice instead of having to type.”
Threat landscape for industrial automation systems. Q1 2026
The percentage of ICS computers on which malicious objects were blocked continued to decrease, reaching 19.6% in Q1 2026. This is the lowest value in three years, and it is 1.4 times lower than in Q2 2023.
Percentage of ICS computers on which malicious objects were blocked, Q2 2023–Q1 2026
Regionally, the percentages ranged from 9.1% in Northern Europe to 27.4% in Africa.
Regions ranked by percentage of attacked ICS computers
The percentage of ICS computers on which malicious objects were blocked increased in five regions over the quarter, most notably in Southern Europe, Northern Europe, and Russia.
In Q1 2026, Southern Europe led the way in growth for internet and email threats. The region also saw the fastest growth in spyware, as well as malicious scripts and phishing pages.
In Russia, the percentage of ICS computers on which malicious objects were blocked exceeded the figures for the previous two quarters. Russia saw an increase in the percentage for threats from the internet, and a slight increase in the figure for threats from email clients (Russia is one of three regions where this figure did not decrease).
Among the threat categories, the greatest increases were observed in the percentages for denylisted internet resources, as well as spyware (distributed in the region via the internet and email clients).
Selected industriesBiometric systems (26.4%) traditionally rank top among the industries and OT infrastructure types covered in this report in terms of the percentage of ICS computers on which malicious objects were blocked. These systems are characterized by internet access, extensive email use for data exchange and approvals (such as access granting), and, in many cases, minimal cybersecurity controls within the organizations that use these systems.
Industries ranked by the percentage of ICS computers on which malicious objects were blocked
Biometric systems rank first among industries in terms of email threats. At the same time, unlike other industries, the percentage for email threats in biometric systems exceeds that for internet threats.
In all selected industries, the global average follows a downward trend. In Q1 2026, the percentage of ICS computers on which malicious objects were blocked increased only in the manufacturing sector — by 1.0 pp. The percentages for this industry increased across 10 regions, with the most notable increases in Western Europe, Northern Europe, and Russia.
Threat categoriesIn Q1 2026, Kaspersky security solutions blocked malware from 10,052 different malware families of various categories on industrial automation systems.
Over the quarter, the percentage of ICS computers on which denylisted internet resources were blocked increased (after decreasing over the previous two quarters), and there was a slight increase in the percentage for AutoCAD malware.
Percentage of ICS computers on which the activity of malicious objects from various categories was prevented
Malicious scripts and phishing pages (JS and HTML)Malicious scripts and phishing pages retained their to spot among threat categories by the percentage of ICS computers on which these threats were blocked. The global average in Q1 2026 was 6.56%.
Over the quarter, the percentages increased in four regions. The most significant change was observed in Southern Europe (9.85%, +0.94 pp). The figures for malicious scripts in the region increased over three consecutive quarters.
Among the selected industries, across all regions, the highest percentages for the malicious scripts and phishing pages category were recorded for biometric systems (19.59%) and building automation (15.43%) in Southern Europe. These same industries lead in similar rankings for malicious documents and spyware.
SpywareThe percentage of ICS computers on which spyware was blocked decreased over two consecutive quarters, dropping to 3.73%. Despite the decline, spyware has ranked second among threat categories by the percentage of attacked computers for three consecutive quarters.
The percentages increased in five regions over the quarter, most notably in Southern Europe (5.46%, +0.35 pp) and Russia (2.84%, +0.24 pp).
In Southern Europe, the percentage of ICS computers on which spyware was blocked increased in all the selected industries except manufacturing. The greatest increase was observed in biometric systems.
Among the selected industries, the highest percentage of spyware in Russia was recorded in biometric systems. That said, the percentage of ICS computers on which spyware was blocked increased in all industries in the region except construction. The percentage figure has been increasing for two consecutive quarters in the oil and gas industry (by a factor of 1.63 over six months), and for three consecutive quarters in engineering and ICS integration, as well as electric power. In the remaining sectors, the values have been fluctuating.
Percentage of ICS computers on which spyware was blocked in various industries in Russia, Q3 2025–Q1 2026
Denylisted internet resourcesThe percentage of ICS computers on which denylisted internet resources were blocked increased to 3.54%.
The most notable increase over the quarter occurred in Southeast Asia (4.58%, +0.65 pp). Among the industries in the region, the highest percentage figures for this threat category were recorded in electric power and construction. Over the quarter, the largest increases in percentages figures were observed in the electric power and manufacturing industries.
In North America (Canada), denylisted internet resources (2.14%) showed the greatest increase among all categories — by a factor of 1.22.
Among the selected industries across all regions, the highest percentage figures for the denylisted internet resources category were in the electric power (7.11%) and construction (6.25%) industries in Southeast Asia.
Malicious documents (Microsoft Office + PDF)The percentage figure for this category decreased over two consecutive quarters, reaching its lowest value (1.56%) for the entire period of observations in Q1 2026. It increased just in two regions: Australia and New Zealand (1.12%, +0.04 pp), and Russia (0.62%, +0.01 pp).
Among the selected industries across all regions, the highest percentages for malicious documents were recorded for biometric systems (9.02%) and building automation (6.97%) in Southern Europe. These same industries also lead in similar rankings for malicious scripts and spyware.
RansomwareThe percentage of ICS computers on which ransomware was blocked has decreased for two consecutive quarters, dropping to 0.14%. This is the lowest value among all categories.
The percentage increased in two regions: North America (Canada) (0.11%, +0.04 pp) and slightly in Northern Europe (0.06%, +0.01 pp).
Among the selected industries across all regions, the highest percentages for ransomware were recorded in the oil and gas and manufacturing industries (0.92% and 0.65%, respectively) in Central Asia and the South Caucasus, and in biometric systems (0.89%) in Russia.
Miners in the form of executable files for WindowsThe percentage of ICS computers on which miners in the form of executable files for Windows were blocked decreased to 0.59%.
The percentage increased in seven regions. The largest increase was observed in Africa (0.63%, +0.16 pp). Among the selected industries, the largest increases in the region were in the manufacturing and oil and gas industries.
Among the selected industries across all regions, the highest percentages for miners in the form of executable files were recorded in construction (1.99%), biometric systems (1.98%), and the oil and gas industry (1.97%) in Central Asia and the South Caucasus.
Web minersThe percentage of ICS computers on which web miners were blocked has been declining for a year, and in Q1 2026, it reached the lowest value for the entire period under review (0.22%).
At the same time, the percentage increased in seven regions. The largest increases were observed in South Asia (0.28%, +0.11 pp), the Middle East (0.31%, +0.09 pp), and Africa (0.34%, +0.08 pp). Despite the increases, the percentages in these regions for Q1 2026 did not exceed those observed in 2023–2024 and in Q1 2025.
Among the selected industries across all regions, the highest percentages for web miners were recorded for biometric systems (0.97%) in Russia. Biometric systems in South Asia (0.79%) ranked second, and the electric power sector in Southeast Asia (0.76%) ranked third.
WormsThe percentage of ICS computers on which worms were blocked decreased to 1.33%.
The percentage decreased across all regions following an increase in the previous quarter (due to a wave of phishing attacks that distributed the Backdoor.MSIL.XWorm backdoor worm across all regions of the world).
Among the selected industries across all regions, the highest percentage figure for worms was recorded for biometric systems (4.80%) in Central Asia and the South Caucasus. Two industries in Africa – biometric systems (4.04%) and electric power (3.53%) – took the second and third spots, respectively.
VirusesThe percentage of ICS computers on which viruses were blocked decreased to 1.31%.
The top 3 regions by this figure remained the same: Southeast Asia (6.11%, first by a wide margin), Africa (4.15%), and East Asia (2.97%). These same regions are also among the leaders by the percentage of systems affected by AutoCAD malware. The largest increase in this figure was observed in Africa (+0.41 pp).
Among the selected industries across all regions, the highest percentages for viruses were recorded in the construction industry (6.35%) and building automation (5.50%) in Southeast Asia.
Malware for AutoCADThe percentage of ICS computers on which malware for AutoCAD was blocked increased to 0.30%.
The most notable increase over the quarter was observed in Africa, with the region’s percentage figure rising by 0.47 pp, a very significant increase for this category, and almost doubling (to 0.91%).
Among the selected industries across all regions, the highest percentages for AutoCAD malware were recorded in the construction industry in East Asia (5.58%) and Southeast Asia (3.87%).
Main threat sourcesIn Q1 2026, the average percentages across all threat sources, except threats from the internet, decreased globally.
Percentage of ICS computers on which malicious objects from various sources were blocked
InternetThe percentage of ICS computers on which threats from the internet were blocked increased to 7.88%. However, over the past three years, the percentage figure for internet threats has followed a downward trend.
The largest increases in the percentages were recorded in Southern Europe (8.59%, +0.59 pp), Southeast Asia (10.16%, +0.55 pp), and Northern Europe (4.47%, +0.51 pp).
Among the selected industries across all regions, the highest percentages for threats from the internet were recorded in electric power (13.16%) and construction (12.55%) in Southeast Asia, and in the engineering and ICS integration sector (12.33%) in South Asia.
Email clientsThe percentage of ICS computers on which threats delivered via email clients were blocked decreased to 2.59%. This is a three-year low.
The percentage of this threat source increased in three regions: Southern Europe (6.54%, +0.2 pp), East Asia (1.5%, +0.09 pp), and slightly in Russia (0.7%, +0.04 pp).
Among the selected industries across all regions, the highest percentages for email threats were recorded for biometric systems (19.78%) and building automation (12.34%) in Southern Europe. In these two industries, the percentage of ICS computers on which email threats are blocked is higher than the percentage for threats from the internet. A similar situation was observed in two other instances, both in biometric systems (in South America and Southeast Asia).
Removable mediaThe percentage of ICS computers on which threats were detected when connecting removable media continued to decrease, reaching its lowest value for the period under review (0.26%).
Among the selected industries across all regions, the highest percentages for removable media threats blocked on ICS computers were observed in the electric power sector in Central Asia and the South Caucasus (1.45%), East Asia (1.34%), and Africa (1.16%).
Network foldersThe percentage of ICS computers on which threats are blocked in network folders is steadily decreasing. In Q1 2026, it was the lowest for the period under review (0.029%).
East Asia has traditionally led by a wide margin. The percentage for East Asia (0.135%) is 27 times higher than the lowest regional value (recorded in Northern Europe).
The largest increases in the percentages for threats from network folders were observed in Africa (0.037%, +0.006 pp) and South America (0.013%, +0.006 pp).
Among the selected industries across all regions, the construction industry in East Asia, at 0.36%, holds the top positions in the ranking by the percentage of ICS computers on which threats are blocked in network folders.
For more information on industrial threats see the full version of the report.
Microsoft to enable Windows settings backup by default for orgs
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
BeyondTrust warns of critical flaws in remote access software
Microsoft testing new Cloud Rebuild Windows 11 recovery feature
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- …
- následující ›
- poslední »



