Iranian-linked hackers have targeted nearly 4,000 internet-exposed industrial devices in the US, focusing on programmable logic controllers (PLCs) manufactured by Rockwell Automation.
The attack surface encompasses critical infrastructure networks across the country. Programmable logic controllers are essential components in industrial automation systems, controlling machinery and processes in manufacturing, utilities, and other sectors.
Rockwell Automation is a major supplier of PLCs and industrial control systems used extensively in US infrastructure. The exposure of these devices suggests inadequate network segmentation or security configurations that leave critical equipment directly accessible from the internet.
Iranian state-sponsored cyber groups have previously targeted US infrastructure as part of broader geopolitical tensions. The discovery highlights ongoing vulnerabilities in industrial control systems, where legacy equipment often lacks modern security features.
Experts recommend air-gapping critical systems, implementing network segmentation, and deploying intrusion detection systems. Organizations operating PLCs should audit their network exposure and apply available security patches and updates from Rockwell Automation.
Federal investigators report that the Department of Government Efficiency (DOGE) deleted records that would have shown whether the agency accessed sensitive government systems. A government report claims DOGE did not access those systems.
Madison Square Garden kept a detailed database categorizing hundreds of celebrities, including LGBTQIA labels and risk assessments. The list tracked famous attendees and Taylor Swift's wedding guests.
Interpol and law enforcement agencies have arrested 5,811 suspects and seized $293 million across 97 countries in a coordinated operation targeting social engineering scams and fraud.