TP-Link’s routers are being targeted globally by hackers, raising security fears. Founded in 1996 in Shenzhen, they’re a major network gear maker.
The FCC has updated its 'Covered List' to block new consumer routers produced outside the US, citing national security risks. Existing models remain usable, but future imports will require approval. The move aims to reduce vulnerabilities exploited by foreign actors, especially China-based manufacturers like TP-Link.
Since March 2026, Iran-linked hackers have targeted US critical infrastructure by compromising programmable logic controllers (PLCs) used in water, energy, and government sectors. The FBI, CISA, NSA, and others have issued urgent warnings about disruptions and financial losses. Separately, Russian APT28 has hijacked thousands of routers globally to intercept credentials, escalating cyber threats.
Researchers identified a campaign where Russian-backed group APT28 hijacked 18,000 to 40,000 consumer routers across 120 countries. The group exploited unpatched devices to spy, intercept credentials, and redirect traffic, raising concerns about widespread vulnerabilities and national security risks.