Threat Research · CyberHawk Cyber Intelligence News

HIGH Full article 14 May 2026

Kimsuky targets organizations with PebbleDash-based tools

Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware cluste

Securelist (Kaspersky) Read →

CRITICAL Full article 13 May 2026

Thus Spoke…The Gentlemen

Key Points Introduction The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. Its operators advertise t

Check Point Research Read →

CRITICAL Full article 11 May 2026

The State of Ransomware – Q1 2026

Key Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data leak sites (DLS) that collect

Check Point Research Read →

CRITICAL Full article 28 Apr 2026

VECT: Ransomware by design, Wiper by accident

Key Takeaways Background VECT Ransomware is a Ransomware-as-a-Service (RaaS) program that made its first appearance in December 2025 on a Russian-language cyber

Check Point Research Read →

CRITICAL Full article 20 Apr 2026

DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy

Key Points The Gentlemen RaaS The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. The operators adver

Check Point Research Read →

LOW Full article 3d ago

Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

A surge in real-world attacks against agentic AI systems is reshaping how we think about risk. Based on 12 months of red teaming, this update introduces seven n

Microsoft Security Blog Read →

LOW Full article 5d ago

Microsoft Build 2026: Securing code, agents, and models across the development lifecycle

Discover how Microsoft enables fast, secure AI development with MDASH and new security capabilities. The post Microsoft Build 2026: Securing code, agents, and m

Microsoft Security Blog Read →

CRITICAL Full article 6d ago

1st June – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Carnival Corpo

Check Point Research Read →

MEDIUM Full article 25 May 2026

25th May – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 25th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES 7-Eleven, the

Check Point Research Read →

LOW Full article 18 May 2026

18th May – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 18th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Vodafone, a ma

Check Point Research Read →

CRITICAL Full article 11 May 2026

11th May – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Instructure, t

Check Point Research Read →

LOW Full article 4 May 2026

4th May – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 4th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Medtronic, a gl

Check Point Research Read →

MEDIUM Full article 27 Apr 2026

27th April – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 27th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Vercel, a fr

Check Point Research Read →

CRITICAL Full article 20 Apr 2026

20th April – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 20th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Booking.com,

Check Point Research Read →

CRITICAL Full article 13 Apr 2026

13th April – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 13th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Los Ange

Check Point Research Read →

CRITICAL 2d ago

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 app

Palo Alto Unit42 Read →

HIGH 5d ago

The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)

Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The post The npm Threat

Palo Alto Unit42 Read →

HIGH 5d ago

Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework. The p

Palo Alto Unit42 Read →

CRITICAL 28 May 2026

2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface

The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructure. Learn more here.

Palo Alto Unit42 Read →

LOW 27 May 2026

Out of the Crypt: The Evolving Cyber Extortion Economy

Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance. The post Out of the Crypt: The Ev

Palo Alto Unit42 Read →

Get Deeper Threat Research Intelligence

The CyberHawk platform goes far beyond news. Scan indicators, track active campaigns, monitor infostealer feeds, and access a complete analyst toolkit — all free to join.

IOC Scanner — 3.6M+ indicators

Live IOC Feed — filterable threat data

Infostealer Intelligence — live cred logs

Live Threat Map — real-time attacks

MISP Threat Feeds — CIRCL, Feodo, more

GitHub Arsenal — security tools library

Security Blog — deep-dive research

Video Courses — training and education

SOPs — SecOps procedures

Analyst Library — references and toolkits