ALL POSTS

Key Findings Censys identified 5,219 internet-exposed Rockwell Automation PLCs globally, with 74.6% located in the United States Iranian-linked APT groups have been actively targeting these devices since March 2026, causing operational disruptions and financial losses Approximately 3,891 exposed U.S. devices are concentrated on cellular networks, indicating field-deployed infrastructure at utilities and substations Most vulnerable devices run outdated firmware from the MicroL

Key Findings Iran-affiliated cyber actors are actively targeting internet-exposed programmable logic controllers (PLCs) across U.S. critical infrastructure sectors including government, water systems, and energy Attacks have caused diminished PLC functionality, manipulated display data, operational disruption, and financial losses Threat actors are exploiting Rockwell Automation and Allen-Bradley PLCs, specifically CompactLogix and Micro850 devices Initial access is gained th

Key Findings FCC bans all new foreign-made consumer routers from U.S. market effective immediately unless granted Conditional Approval by DoD or DHS Foreign routers pose unacceptable supply chain vulnerabilities and severe cybersecurity risks to critical infrastructure and American citizens Chinese state-sponsored actors including Volt Typhoon, Flax Typhoon, and Salt Typhoon have exploited compromised foreign routers to target U.S. critical infrastructure Ban applies only to