A look at PolarEdge Adjacent Infrastructure

Censys ARC published a correction to prior PolarEdge research: the TLS certificate previously associated with PolarEdge also exists in older Mbed TLS (PolarSSL) releases, reducing confidence that the RPX server analyzed is uniquely tied to the actor. The team concludes the actor likely leverages known, exposed certificates to avoid unique fingerprints and that the RPX host was probably attacker infrastructure or a relay; the update emphasizes transparency and reproducibility in their reporting.