Nearly 4,000 industrial devices in the US are vulnerable to cyberattacks from Iranian-linked hackers, primarily due to exposed programmable logic controllers (PLCs) from Rockwell Automation. These devices, used in critical infrastructure networks, pose a significant risk as they can be easily accessed and exploited by malicious actors. The targeted attack surface is substantial, with thousands of devices potentially compromised. The vulnerability of these devices underscores the need for enhanced security measures to protect critical infrastructure from state-sponsored cyber threats. Iranian-linked hackers have been known to target US critical infrastructure, and this latest development highlights the ongoing threat. The exposure of these devices is particularly concerning, as it could allow attackers to disrupt or manipulate industrial processes, potentially causing significant damage. This vulnerability matters to security practitioners because it highlights the need for proactive measures to secure critical infrastructure against nation-state threats1.