A new Israeli startup, malanta.ai, recently uncovered a critical security vulnerability that allows remote access to the internal networks of hundreds of companies and essential infrastructure across Israel. The report was immediately forwarded to the Israel National Cyber Directorate, which mobilized resources and personnel to patch the flaw in dozens of organizations classified as critically exposed, all during the height of the country’s wartime efforts.
Thousands of Unsecured Devices
malanta.ai, which develops an AI-based solution for proactive security exposure detection, conducted a comprehensive scan of all IP addresses in Israel. The company identified around 600 devices, including routers, firewalls, processors, IoT equipment, and more, running outdated software with no security capabilities. The implication was alarming: unrestricted access from the public internet to internal organizational networks, with the potential to disable or seriously damage critical infrastructure.
In addition, the company's researchers uncovered 3,476 devices across 98 different organizations that were accessible using default passwords. The list includes a major financial institution, leading tech firms, internet service providers, energy companies, academic institutions, and other strategically important entities. The potential damage hostile attackers could have inflicted is difficult to overstate.
Dana Toren, head of the CERT division (Cyber Emergency Response Team) at the Israel National Cyber Directorate, emphasized the importance of collaboration with companies like malanta.ai, especially at a time when the Directorate is on the front line of a global wave of cyberattacks, particularly from Iran.
“Thanks to this close cooperation,” she said, “hundreds of critical exposures that posed a real threat to Israel’s cyber domain were identified in advance and swiftly and effectively addressed by the Cyber Directorate. The sharing of professional and reliable information between cyber entities is a cornerstone of national defense. When companies like malanta.ai choose to report and share their findings with the Israel National Cyber Directorate, they strengthen national resilience and help close security gaps that put us all at risk. This is the kind of collaboration that delivers real value and changes reality.”
A Ceasefire on the Ground, Not Online
According to Kobi Ben-Naim, co-founder and CEO of malanta.ai and formerly head of research and innovation at CyberArk, there is no room for doubt: “The ceasefire reached between Israel and Iran does not extend to cyberspace. It has become the primary focus of Iran and its proxies as they seek to gain an advantage over Israel by targeting its critical infrastructure.”
He explains, “The type of vulnerability we discovered is the holy grail for attackers. It offers a dominant position inside the target and a single point of access to the entire organizational network of companies and critical infrastructure.” The holy grail, if you will, only this time it drips malicious code instead of the blood of the Messiah.
Get the Ynetnews app on your smartphone: Google Play: https://bit.ly/4eJ37pE | Apple App Store: https://bit.ly/3ZL7iNv
Ben-Naim stresses that Israel’s adversaries are not resting for a moment. “At this time, the main objective of our enemies is to cause as much damage as possible. It’s important to understand that they are using advanced artificial intelligence capabilities that act as a force multiplier, enabling scanning, detection, and exploitation of vulnerabilities on a superhuman scale.”
It seems that even in war, those who fail to adapt technologically get left behind. “In response to the threat, we are developing AI agents that can scan massive amounts of infrastructure and data, think like hackers, and detect and block dangerous vulnerabilities in advance,” he concludes.
malanta.ai is focused on strengthening organizational networks and critical infrastructure against modern cyber threats. The company targets AI-driven attackers that rapidly collect, analyze, and exploit security vulnerabilities at unprecedented speed and scale.
To date, the company has raised approximately 8 million dollars from both local and international investors. Its AI-based platform provides proactive, continuous, and in-depth monitoring of large and complex IT and communication networks, identifying vulnerabilities before AI attackers can exploit them.
malanta.ai was founded by Kobi Ben-Naim, Yossi Dantes, Tal Kandel, and Guy Ben Arie, all former senior executives at CyberArk and longtime veterans of Israel’s cybersecurity industry. It seems they know a thing or two about how to lock the digital door.