Hello. U.S. cybersecurity officials reiterated Tuesday that critical infrastructure companies should watch for potential cyberattacks from Iran and its proxies as conflict continues between the two countries.

Hackers linked to Iran continue to target industrial technology used in the U.S. energy grid, government services and other infrastructure, the Cybersecurity and Infrastructure Security Agency said in a joint alert with the Energy Department, Environmental Protection Agency, U.S. Cyber Command and other federal bodies.

Companies and municipalities that provide infrastructure services should review the tactics and methods associated with pro-Iran hacking groups, the alert said. In particular, they should shield programmable logic controllers from the public internet. 

"This advisory confirms what we've observed for months: Iran's cyber escalation follows a known playbook,” said Sergey Shykevich, threat intelligence group manager at cybersecurity company Check Point. “Organizations shouldn't treat this as a new threat, but as an accelerating one.”

More news below.

• Mythos has proved to be so capable at potentially dangerous things such as finding and exploiting software bugs that Anthropic has, at present, no plans to release it to the general public.
• Here's more from Anthropic about the project, which the company says "could reshape cybersecurity."

Massachusetts hospital diverts ambulances for a second day as it continues to respond to a cyberattack. Brockton Hospital, owned by Signature Healthcare, also canceled chemotherapy treatments and said its retail pharmacies aren't dispensing prescriptions. The hospital disclosed the attack Monday. 

Takedown: U.S. authorities stopped Russia's GRU Main Intelligence Directorate from using a network of corrupted home routers to hijack web domains, such as those used by Microsoft Outlook, the Justice Department said Tuesday. The GRU had taken over thousands of TP-Link routers worldwide since 2024.

• The Federal Bureau of Investigation was able to reset the compromised routers and collect digital evidence without disrupting home networks, the Justice Department said.

Mutual aid: Ten Japanese companies across industries plan to work together to share cyber intelligence and otherwise strengthen each other's corporate security. They include telecom firm NTT, food wholesaler Mitsubishi Shokuhin and beverage maker Asahi Group Japan, whose parent company was hit with a cyberattack last year that disrupted manufacturing. (Nippon.com)

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.