-
Educated Manticore Reemerges: Iranian Spear-Phishing Campaign Targeting High-Profile Figures
Amid growing warnings from agencies like the FBI and DHS about Iranian cyber activity, Check Point Research is sharing fresh, real-world examples from the past few days to shed light on how these threats are playing out in practice. We’ve identified the reemergence of an active, global spear-phishing campaign attributed to the Iranian threat actor…
-
PDFguard: AI Engine Against Growing Threats in PDFs
In recent years, PDFs have emerged as a primary vector in attack chains, with threat actors exploiting their ubiquity and complexity to deliver malware through sophisticated social engineering tactics. Recognizing this escalating threat, Check Point introduces PDFguard, an advanced AI engine designed to block malicious PDFs that rely on deceptive tactics. Impressively, PDFguard has identified 25% more…
-
Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices
The threat at a glance: Darktrace researchers have identified PumaBot, a Go-based Linux botnet that focuses on embedded surveillance cameras and other IoT devices. Unlike spray-and-pray botnets that scan the whole internet, PumaBot pulls a curated IP list from its C2 and then brute-forces SSH logins on port 22 until it gets a shell. Once in,…
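The behaviour described above (a burst of SSH password failures from one source, followed by a successful login) is exactly what shows up in an OpenSSH `sshd` log on the targeted device. The following is an added example, not code from Check Point, Darktrace or the PumaBot analysis: it parses constructed syslog-style `sshd` lines, groups attempts by source IP, flags any source that produces a threshold of failures inside a short window, and escalates when an accepted login from that source follows the burst. The threshold (5 failures) and window (60 seconds), the year prepended to the syslog timestamps, and the sample log lines are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample sshd log lines (not real logs). Default syslog format
# from an OpenSSH sshd on a hypothetical camera host "cam01".
SAMPLE_AUTH_LOG = """\
Jun 12 10:00:01 cam01 sshd[1201]: Failed password for root from 203.0.113.7 port 51022 ssh2
Jun 12 10:00:02 cam01 sshd[1203]: Failed password for admin from 203.0.113.7 port 51024 ssh2
Jun 12 10:00:02 cam01 sshd[1205]: Failed password for invalid user ubnt from 203.0.113.7 port 51026 ssh2
Jun 12 10:00:03 cam01 sshd[1207]: Failed password for invalid user pi from 203.0.113.7 port 51028 ssh2
Jun 12 10:00:04 cam01 sshd[1209]: Failed password for root from 203.0.113.7 port 51030 ssh2
Jun 12 10:00:05 cam01 sshd[1211]: Accepted password for root from 203.0.113.7 port 51032 ssh2
Jun 12 10:03:00 cam01 sshd[1300]: Failed password for ops from 198.51.100.5 port 40000 ssh2
Jun 12 10:45:00 cam01 sshd[1400]: Accepted publickey for ops from 198.51.100.5 port 40010 ssh2
"""

# Matches both "Failed password for <user>" and "Accepted publickey for <user>",
# including the "invalid user" form sshd emits for unknown account names.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_sshd_events(text, year=2025):
    """Return a list of (timestamp, result, user, source_ip) tuples.

    Syslog timestamps carry no year, so one is assumed (parameter).
    Lines that are not login outcomes are ignored.
    """
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["result"], m["user"], m["ip"]))
    return events


def find_brute_force(events, threshold=5, window_seconds=60):
    """Flag source IPs with >= threshold failures inside window_seconds.

    For each flagged IP the finding records how many failures were seen,
    which usernames were tried, and whether an accepted login from the
    same IP followed the burst (the "until it gets a shell" outcome).
    Threshold and window are assumed values, tune to the environment.
    """
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[3]].append(ev)

    findings = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e[0])
        failures = [e for e in evs if e[1] == "Failed"]

        # Sliding window over the sorted failures: the first position where
        # `threshold` consecutive failures fit inside the window ends a burst.
        burst_end = None
        for i in range(len(failures)):
            j = i + threshold - 1
            if j < len(failures):
                span = (failures[j][0] - failures[i][0]).total_seconds()
                if span <= window_seconds:
                    burst_end = failures[j][0]
                    break
        if burst_end is None:
            continue

        success_after = any(
            e[1] == "Accepted" and e[0] >= burst_end for e in evs
        )
        findings[ip] = {
            "failed_attempts": len(failures),
            "usernames_tried": sorted({e[2] for e in failures}),
            "login_succeeded_after_burst": success_after,
        }
    return findings


if __name__ == "__main__":
    for ip, finding in find_brute_force(parse_sshd_events(SAMPLE_AUTH_LOG)).items():
        print(ip, finding)
```

On the constructed sample, 203.0.113.7 is flagged (five failures in three seconds across root, admin, ubnt and pi, then an accepted root password login), while 198.51.100.5 is not (one failure, later a key-based login). Many embedded cameras run Dropbear rather than OpenSSH, and its log lines differ, so the regex would need adjusting there; the grouping and window logic is unchanged.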
-
The illusion of control: Can we ever fully secure autonomous industrial systems?
In the rapidly evolving world of industrial IoT (IIoT), the integration of AI-driven decision-making into operational technology (OT) systems has created the impression of tighter control, smarter response times and predictive efficiency. This feeling of having control might actually be a risky illusion. Autonomous systems are now responsible for critical infrastructure: smart grids, manufacturing lines…
-
Third-Party Access: The Cyber Risk Manufacturers Can’t Afford to Ignore
Nearly 20% of all data breaches in recent years involved a third-party vendor, and they weren’t minor. According to IBM’s Cost of a Data Breach Report, breaches tied to third-party access took an average of 26 days longer to identify and cost more than those that didn’t – $4.46 million per incident compared to the…
-
The Hidden AI Threat to Your Software Supply Chain
AI-powered coding assistants like GitHub’s Copilot, Cursor AI and ChatGPT have swiftly transitioned from intriguing gadgets to indispensable sidekicks for modern developers. A recent survey by Stack Overflow revealed that over 76% of developers now rely on these assistants, with more than 80% reporting significant productivity improvements by using AI code generators & augmented code…
-
Minecraft Players Targeted in Sophisticated Malware Campaign
Malicious Minecraft Mods Discovered: Check Point Research (CPR) uncovered a multistage malware campaign in which the malware itself was embedded within fake Minecraft mods, shared on GitHub to specifically target active players. Three-Stage Infection Chain: The attack involves a Java downloader, a second-stage stealer, and a final advanced stealer that harvests passwords, crypto wallets, and…
-
DMV-Themed Phishing Campaign Targeting U.S. Citizens
In May 2025, a sophisticated phishing campaign emerged, impersonating several U.S. state Departments of Motor Vehicles (DMVs). This campaign leveraged widespread SMS phishing (smishing) and deceptive web infrastructure to harvest personal and financial data from unsuspecting citizens. Victims received alarming messages concerning unpaid toll violations and were directed to fake DMV websites that prompted them…
-
A bit more on Twitter/X’s new encrypted messaging
Update 6/10: Based on a short conversation with an engineering lead at X, some of the devices used at X are claimed to be using HSMs. See more further below. Matthew Garrett has a nice post about Twitter (uh, X)’s new end-to-end encryption messaging protocol, which is now called XChat. The TL;DR of Matthew’s post…
-
The 16 Billion Passwords Panic: What Really Happened and Why It Matters (Or Doesn’t)
In June 2025, headlines shouted that 16 billion passwords had leaked. Major outlets warned that credentials for Apple, Google, and other platforms were now exposed. As expected, this triggered a wave of public anxiety and standard advice: change your passwords immediately. Upon closer examination, however, technical sources clarified the situation. This was not a new…