Iranian-linked hacking groups are actively targeting critical infrastructure in the United States, specifically focusing on programmable logic controllers, which are crucial components in various sectors. This targeted campaign has prompted warnings from agencies, highlighting the potential risks to national security and public safety. The groups' tactics and techniques are designed to exploit vulnerabilities in these controllers, potentially allowing them to disrupt or manipulate critical systems. The targeting of programmable logic controllers is particularly concerning, as these devices are often used in industries such as energy, transportation, and healthcare, where disruption could have severe consequences. According to reports, policy developments related to Iran are creating new compliance challenges for technology organizations1. The warnings serve as a reminder of the ongoing threats posed by nation-state actors and the need for organizations to remain vigilant in protecting their systems and infrastructure. This heightened threat environment matters to practitioners, as it underscores the importance of proactive measures to secure critical infrastructure against sophisticated cyber threats.