Yotam Gutman
19.5.2026
A CVSS 9.9 pre-authentication RCE in BeyondTrust Remote Support and Privileged Remote Access went from public PoC to active ransomware exploitation in 24 hours. The post explains why the architecture is the problem, not the patch cycle, and
13.5.2026
CISA's CI Fortify initiative treats isolation as a buildable capability. VPN, ZTNA, and PAM architectures satisfy it reactively. Fantom satisfies it by architecture. Here is the distinction that matters for procurement.
11.5.2026
Palo Alto has disclosed CVE-2026-0300, an unauthenticated buffer overflow in PAN-OS that allows root-level remote code execution. No patch until May 13. This is not a Palo Alto problem. It is a category problem.
07/05/2026
Fortinet SSL-VPN End of Engineering Support lands May 11. No more security patches. Here are the three migration paths and the one question you should ask before you pick one.
6.5.2026
An air gap means no network connection. Remote access requires one. Here is how hardware-enforced architecture resolves that contradiction without breaking the isolation, and why software cannot
4.5.2026
VPN creates a direct network path into environments built to be isolated. Here is what industrial remote access security actually requires - and why the architecture matters more than the configuration
29.4.2026
A stolen VPN credential was all it took to walk into an enterprise network. What came next included a Windows zero-day with no available patch, a persistent backdoor, and an open tunnel out.
26/04/2026
ChipSoft was hit by ransomware. 80% of Dutch hospitals went offline. The breach was ChipSoft's. The blast radius came from the VPN
23/4/2026
Iran-affiliated actors hit US PLCs without a zero-day. They needed exposure, legitimate tools, and open engineering paths. That is the real problem.
20.04.2026
CVE-2026-3055 leaks session tokens from Citrix NetScaler with no credentials. The patch closes the hole. The architecture remains the same.
15.4.2026
NIS2 is now enforced. The regulation mandates physical or cryptographic isolation for remote access. What this means for critical infrastructure.
13.4.2026
A global FortiGate campaign shows how generative AI and MCP orchestration are turning common security gaps into scalable, AI-native cyber attacks against internet-exposed devices.
09/04/2026
AI is rapidly transforming cybersecurity—often in favor of attackers. Project Glasswing highlights a new reality where AI-driven threats outpace traditional defenses.
06/04/2026
A sophisticated supply chain attack targeting Trivy, an open-source security scanner by Aqua Security, escalated into a global campaign compromising CI/CD pipelines, cloud credentials, and major private and public organizations
26.3.2026
Iranian cyber operations in 2026 are increasingly driven by exploitation of remote access technologies such as VPNs and RDP, enabling scalable attacks against critical infrastructure and enterprise environments.
24.3.2026
Anthropic’s Claude can now control your PC remotely. Read Zeroport's deep dive into the massive security risks, critical CVEs, and how hackers hijack AI agents
18.3.2026
Stop falling into the VPN trap. Discover how rogue and fake VPN clients subvert enterprise security by creating "invisible" backdoors into your network.
16.3.2026
Six years after the shift to remote work, the traditional corporate security perimeter has dissolved. Explore how legacy remote access tools like VPNs have become prime targets for attackers
12.3.2026
The Ivanti saga proves the "Trusted Perimeter" model is dead. Read our post-mortem on the systemic failures of traditional VPNs and discover how Zeroport’s non-IP secured remote connection offers a safer alternative to VPNs
9.3.2026
In late December 2025, A coordinated cyberattack targeted the Polish power grid, specifically focusing on Distributed Energy Resources. This blog and white paper explain the attack and subsequent shift in defence tactics.
Lavi Friedman
3/3/2026
AI agents are everywhere — from OpenClaw to ChatGPT — promising to manage your life locally while keeping your data safe. But look closer, and most of them still rely on a cloud “brain.” That means your sensitive data leaves your perimeter.
26.2.2026
Remote Access and Admin tools leave the door open for hacker to exploit your organization
Joseph Gertz
We are witnessing a fundamental re-mapping of the cybersecurity stack. Commercial AI is making once-essential security software redundant, but some solutions are more resilient than others.
Zeroport blog
14-01-2026
There comes a special moment in every startup life- the moment it emerges from stealth. Today- it’s Zeroport’s turn.
Yotam Gurtman
29-12-2025
Remote work has amplified insider threats by extending VPN-based access beyond the perimeter. When credentials become the only gate, disgruntled or compromised insiders can exfiltrate data at scale—turning trusted access into a breach path.
24-12-2025
Remote hiring has become a security boundary. North Korean IT workers exploit stolen identities, VPNs, and laptop farms to gain trusted access, steal data, and extort companies—turning VPN-based remote work into a scalable attack surface.
06-05-2026
Attackers no longer need to exploit VPN vulnerabilities. They buy credentials, log in, and blend in. This post breaks down how VPN credentials are stolen, sold, and used, and why standard defences are not enough.
16-12-2025
Water utilities are increasingly targeted through insecure remote access. Real-world attacks reveal how VPNs and remote tools expose OT systems, highlighting the need for hardware-enforced, non-IP protection.
25-11-2025
In 2025, VPNs became prime attack targets. While adoption surged, attackers shifted from exploiting VPN vulnerabilities to abusing stolen credentials at scale,turning remote access into a high-impact entry point for ransomware.
Empower global teams with secure, hardware-enforced remote access, no VPNs, no data exposure, no risk.
