Check Point Research Latest Research by our Team
- AI Security Report 2026by matthewsu on July 14, 2026 at 12:51 am
For years, the cyberâŻsecurity industry tracked AI as a force multiplier: something that made existing attack techniques faster, cheaper, and more accessible. That framing wasâŻaccurate.âŻBut theâŻAnnualâŻAI Security Report 2026 from Check Point Research documents a transition that goes further.âŻAI has crossed from assistant to operator. Where it once helped attackers prepare, it now runs the The post AI Security Report 2026 appeared first on Check Point Research.
- 13th July â Threat Intelligence Reportby urias on July 13, 2026 at 1:06 pm
For the latest discoveries in cyber research for the week of 13th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES U.S. auto insurer AssuranceAmerica has disclosed a data breach affecting approximately 7 million people. Attackers targeted an employee and used compromised credentials to access company systems, stealing names, contact information, driverâs license The post 13th July â Threat Intelligence Report appeared first on Check Point Research.
- Cavern Manticore: Exposing Iran-Linked Modular C2 Frameworkby stcpresearch on July 6, 2026 at 12:25 pm
Key Points Introduction Since early 2026, Check Point Research (CPR) has tracked a new modular command-and-control framework used by Cavern Manticore, an Iran-nexus APT group primarily targeting Israeli organizations, with a focus on IT providers, and government sectors. Cavern Manticore is an Iran MOIS (Ministry of Intelligence and Security)-linked actor, with links to the OilRig The post Cavern Manticore: Exposing Iran-Linked Modular C2 Framework appeared first on Check Point Research.
- 6th July â Threat Intelligence Reportby urias on July 6, 2026 at 12:01 pm
For the latest discoveries in cyber research for the week of 6th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES River Bank & Trust, a US financial institution, has experienced a ransomware incident after an unauthorized actor accessed the network of parent company River Financial Corporation on June 16. The bank found The post 6th July â Threat Intelligence Report appeared first on Check Point Research.
- 22nd June â Threat Intelligence Reportby urias on July 1, 2026 at 11:29 am
For the latest discoveries in cyber research for the week of 22nd June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Texas Parks and Wildlife Department has been affected by a third-party data breach involving its license system vendor. The incident exposed driverâs license information, passport numbers, emails, phone numbers, and residential addresses for The post 22nd June â Threat Intelligence Report appeared first on Check Point Research.
- Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Techniqueby stcpresearch on July 1, 2026 at 10:05 am
Research by:Â Alexey Bukhteyev Key Takeaways Introduction Over the past several years, large language models have reshaped software development, and malware development has followed the same path. Check Point Research has documented this trend from early experiments showing that AI systems could generate offensive components, to cases of cybercriminals using ChatGPT to create malicious tools, and The post Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique appeared first on Check Point Research.
- 29th June â Threat Intelligence Reportby urias on June 29, 2026 at 2:06 pm
For the latest discoveries in cyber research for the week of 29th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Polymarket, a large cryptocurrency-based prediction market, has confirmed a supply chain attack after a third-party frontend vendor breach led to malicious JavaScript being injected into its website. Attackers tricked users into approving fraudulent The post 29th June â Threat Intelligence Report appeared first on Check Point Research.
- From Stars to Upvotes: Fake Reputation Fueling a Crypto Clipboard Hijackerby stcpresearch on June 17, 2026 at 1:38 pm
Key Points Introduction In this research, we analyze a clipboard hijacker campaign that is hidden inside a collection of âsolutionsâ and âtoolsâ that claim to give users an unfair advantage. These offers include Solana and Pump.fun sniper bots (automated tools that try to buy new tokens or meme coins faster than other traders), Aviator Predictor The post From Stars to Upvotes: Fake Reputation Fueling a Crypto Clipboard Hijacker appeared first on Check Point Research.
- 15th June â Threat Intelligence Reportby urias on June 15, 2026 at 1:40 pm
For the latest discoveries in cyber research for the week of 15th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The University of Nottingham, a UK research university, has suffered a data breach after ShinyHunters accessed its student records system. The incident affected about 454,600 current and former students and exposed contact details, The post 15th June â Threat Intelligence Report appeared first on Check Point Research.
- From SQLi to RCE â Exploiting LangGraphâs Checkpointerby stcpresearch on June 11, 2026 at 1:37 pm
By Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers â persistence layers that store execution state. But what happens when that persistence layer isnât locked down? Key Points Background LangGraph is an open-source framework for building stateful, multi-agent AI systems with built-in persistence. Itâs an extension of LangChain, with over The post From SQLi to RCE â Exploiting LangGraphâs Checkpointer appeared first on Check Point Research.
- 8th June â Threat Intelligence Reportby urias on June 8, 2026 at 2:47 pm
For the latest discoveries in cyber research for the week of 8th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES DentaQuest, a U.S. dental benefits administrator owned by Sun Life, has suffered a data breach after threat group ShinyHunters leaked exfiltrated data. Analysts assessed that 2.6 million accounts were exposed, including names, emails, The post 8th June â Threat Intelligence Report appeared first on Check Point Research.
- Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystemby stcpresearch on June 3, 2026 at 1:21 pm
Research by:Â Alexey Bukhteyev Key Takeaways Introduction When we search Google for a popular piece of software, we usually click the first result, sometimes without even looking at the rest, because official project sites tend to rank highest and appear near the top of the results. After landing on a site with a professional design and The post Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem appeared first on Check Point Research.
- 1st June â Threat Intelligence Reportby urias on June 1, 2026 at 2:43 pm
For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Carnival Corporation, a global cruise line operator, has confirmed a data breach affecting nearly 6 million people after attackers used social engineering to compromise an employee account. Exposed information may include names, contact The post 1st June â Threat Intelligence Report appeared first on Check Point Research.













