Zero trust is no longer a nice to have security architecture. It is the only credible way to respond to attacks that target trust in all its forms: users, authentication, vendors, infrastructure and more.

These sit in privileged network positions, are unavoidably exposed to hostiles, and make excellent pivot points for reconnaissance and lateral movement. At the same time, they are often significantly less visible in the traditional security stack, making compromise even more valuable to an attacker.

What really concerns me is not simply the volume, but where these zero days are landing. We are seeing a continued rise in zero days affecting exposed edge devices, especially networking and security appliances (~20% of the 2025 total).

Contractors? Have they not even *seen* Slow Horses?

Thank you!

Remember? It’s still happening.

Not sure if it’s a Xi-phoon or a Xi-clone though, difficult to tell them apart, they all rely on Xiploits.

I used to have the same problem back when I was doing PGP technical support, “I’ve lost my private key can you decrypt to my data for me?”

And possibly also because many (?) of them are eventually reunited with their owners.

Facetime and regular calls are about the only things that work in Lost Mode. No notifications, no apple pay and device is locked (duh).

You can “Mark as lost” using Find My, which disables it until found.