For the latest discoveries in cyber research for the week of 6th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The International Criminal Court (ICC) disclosed a sophisticated cyber‐security incident in late June 2025, its second such event in recent years. The intrusion, which occurred in June 2025, was promptly detected and […]
The post 6th July – Threat Intelligence Report appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 29th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grocery giant Ahold Delhaize has disclosed a data breach that resulted in the theft of personal, financial, employment, and health information belonging to over 2.2 million individuals from its American business systems. […]
The post 29th June – Threat Intelligence Report appeared first on Check Point Research.
Key findings Introduction For the last few years, Check Point Research has been monitoring the activity of the Iranian APT group, Educated Manticore. This group aligns with activity tracked by the wider security community as APT42, Charming Kitten, or Mint Sandstorm, and is believed to operate on behalf of the Islamic Revolutionary Guard Corps’ Intelligence […]
The post Iranian Educated Manticore Targets Leading Tech Academics appeared first on Check Point Research.
In this write-up we present a malware sample found in the wild that boasts a novel and unusual evasion mechanism — an attempted prompt injection (”Ignore all previous instructions…”) aimed to manipulate AI models processing the sample. The sample gives the impression of an isolated component or an experimental proof-of-concept, and we can only speculate […]
The post In the Wild: Malware Prototype with Embedded Prompt Injection appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 23rd June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Scania, a Swedish manufacturer of heavy trucks and engines, has suffered a data breach that resulted in the theft of insurance claim documents from its Financial Services systems via compromised credentials of […]
The post 23rd June – Threat Intelligence Report appeared first on Check Point Research.
Research by: Jaromír Hořejší (@JaromirHorejsi), Antonis Terefos (@Tera0017) Key Points Introduction Minecraft is a popular video game with a massive global player base, with over 200 million monthly active players. The game has also sold over 300 million copies, making it one of the best-selling video games ever. Minecraft supports mods (user-created modifications), which enrich the […]
The post Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 16th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES One of South Korea’s largest ticketing platforms Yes24 has been a victim of a ransomware attack that resulted in a four-day service outage, disrupting online bookings for concerts, e-book access, and community […]
The post 16th June – Threat Intelligence Report appeared first on Check Point Research.
Key Takeaways Introduction Discord is a heavily used, widely trusted platform favored by gamers, communities, businesses and others who need to connect securely and quickly. But what if your trusted platform unknowingly becomes a trap? Check Point Research uncovered a flaw in Discord’s invitation system which allows attackers to hijack expired or deleted invite links and secretly redirect unsuspecting […]
The post From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery appeared first on Check Point Research.
Notorious APT group, Stealth Falcon, attacks high-profile targets in the Middle East with a .url file that uses a LOLBin (Living off the Land Binary) to execute malware from an actor-controlled WebDAV server with a technique we named Remote Path Interception by Search Order Hijacking.
The post CVE-2025-33053, Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 9th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES American tax company, Optima Tax Relief, has disclosed a ransomware attack that resulted in the theft of 69GB of sensitive data, including corporate records and customer case files containing personal information such […]
The post 9th June – Threat Intelligence Report appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 2nd June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES IT management software company ConnectWise confirmed that a sophisticated nation-state cyberattack had compromised its environment, affecting a limited number of customers using its ScreenConnect remote access tool. The company launched a forensic […]
The post 2nd June – Threat Intelligence Report appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 26th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Cellcom, a Wisconsin-based wireless provider, has been impacted by a cyberattack that resulted in widespread outages of voice and SMS services beginning on May 14, 2025. The incident disrupted communication for customers […]
The post 26th May – Threat Intelligence Report appeared first on Check Point Research.
The post The Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Website appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 19th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Fashion giant Dior confirmed a data breach that exposed customer information from its Fashion and Accessories line. The leaked data includes names, gender, phone numbers, email addresses, postal addresses, and purchase history […]
The post 19th May – Threat Intelligence Report appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 12th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The UK’s Legal Aid Agency has suffered a cyberattack. The agency, which operates under the Ministry of Justice to provide billions in legal aid funding, has stated that financial information relating to […]
The post 12th May – Threat Intelligence Report appeared first on Check Point Research.
Key Takeaways Introduction In recent years, cryptocurrency scams have evolved into a highly organized business model known as “Drainer-as-a-Service.” Within this model, developers create specialized set of malicious scripts, smart contracts, and infrastructure enabling other cyber criminals to efficiently steal cryptocurrency from users’ wallets. Attackers simply need to set up a phishing website and embed […]
The post Inferno Drainer Reloaded: Deep Dive into the Return of the Most Sophisticated Crypto Drainer appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 5th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Three major UK retailers – Co-op, Harrods and Marks & Spencer (M&S) – were hit by cyberattacks that disrupted operations and compromised sensitive data. The attacks are believed linked to the Scattered […]
The post 5th May – Threat Intelligence Report appeared first on Check Point Research.
Artificial intelligence is rapidly reshaping the cyber security landscape—but how exactly is it being used, and what risks does it introduce? At Check Point Research, we set out to evaluate the current AI security environment by examining real-world threats, analyzing how researchers and attackers are leveraging AI, and assessing how today’s security tools are evolving […]
The post Exploring the State of AI in Cyber Security: Past, Present, and Future appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 28th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES British retailer Marks & Spencer (M&S) experienced a cyber-attack that caused disruptions to its online order system and in-store contactless payments. The company suspended online orders temporarily, refunded some customers, and reported […]
The post 28th April – Threat Intelligence Report appeared first on Check Point Research.
For the latest discoveries in cyber research for the week of 21st April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Retail giant Ahold Delhaize has suffered a cyber-attack resulting in data theft of customer information from its US business systems. The attack, claimed by ransomware group INC Ransom, impacted Ahold Delhaize USA […]
The post 21st April – Threat Intelligence Report appeared first on Check Point Research.
