Check Point Research @_CPResearch_
Fighting cyber threats one research at a time. News from Check Point’s (@checkpointSW) Research team.
research.checkpoint.com | The Internet | Joined April 2018
Tweets: 592 | Followers: 25K | Following: 120 | Likes: 379
Fake trust is attacker infrastructure: GitHub stars, YouTube views, news websites and even "safe" VirusTotal comments to sell legitimacy. research.checkpoint.com/2026/from-star……
Lookalike Ghidra, dnSpy, and other download sites turned trusted clicks into TDS redirects. CPR found click hijacking, gated routing, and multiple malware families downstream — including an evasive, previously undocumented framework we call SessionGate. research.checkpoint.com/2026/impersona……
Iranian threat actor #NimbusManticore rapidly developed its tooling, introducing the AI-assisted MiniFast backdoor and new delivery methods including trojanized software and SEO-poisoned sites. Read More --> research.checkpoint.com/2026/fast-and-…
"The Gentlemen" ran a tight RaaS operation. Then they got breached. CPR analyzed the full leak: org structure, access brokers, active CVEs, victim comms, and financials. Real operators, real tradecraft, fully exposed. research.checkpoint.com/2026/thus-spok…
VECT RaaS is making headlines via partnerships with BreachForums and TeamPCP. Behind the polished image is a weak operator: the ransomware is bug-ridden, poorly built, and most encrypted files aren’t fully recoverable, even with the decryption key. research.checkpoint.com/2026/vect-rans…
Rare glimpse behind the 2nd most dangerous RaaS for 2026, publicly claiming 225+ victims. CP<r> shares behind-the-scenes details that reveal the real number is potentially over 1,570 victims. research.checkpoint.com/2026/dfir-repo…
⚠️ Iranian APT conducts a wide M365 password spray campaign - focus on Israeli and UAE orgs 🌐TOR used to scan and spray, Israeli VPN infrastructure used for successful logins 🏙️ Israeli municipalities - key focus, likely for missiles BDA Read more : blog.checkpoint.com/research/iran-…
Operation TrueChaos Zero-day exploited in the wild by Chinese-nexus actor 💥 TrueConf client CVE-2026-3502 🌏 Southeast Asian government entities 🧰 Havoc C2, DLL sideloading, UAC bypass Read more : research.checkpoint.com/2026/operation…
One malicious prompt was enough. We found a way to turn ChatGPT into a covert data exfiltration channel. No warning. No approval. research.checkpoint.com/2026/chatgpt-d…
🎯Yesterday, “Handala Hack,” operated by MOIS-affiliated threat actor, expanded its disruptive operations into the US 👁️ After years of tracking its activity, we’re sharing the latest and most common TTPs of this actor: Void Manticore Read More : research.checkpoint.com/2026/handala-h…
🦹Iranian actors are using ransomware affiliate programs, stealers, and MaaS to expand their reach and capabilities. 🔖Dive in to see how these threat actors leverage the cybercrime ecosystem to pursue strategic goals while complicating attribution: research.checkpoint.com/2026/iranian-m…
🚨ALERT🚨 Gulf countries, Cyprus & Israel - A massive wave of IP camera scanning and exploitation from Iran-linked infrastructure. ✅ Patch to the latest version 🔐 Enforce strong, unique passwords and restrict external access Read More : research.checkpoint.com/2026/interplay…
#SilverDragon is a new threat cluster with ties to #APT41. 🎯Activity across Asia & Europe, exploiting internet-facing servers and running targeted phishing. ☁️New .NET implants alongside Cobalt Strike and abuse of cloud services for C2. Read more -> research.checkpoint.com/2026/silver-dr…
📜🤫2025: The Untold Stories of Check Point Research Zero-days, wipers, election interference - much of what we uncover never makes it into public reports. From #APT36 to #MuddyWater, #COLDRIVER to #FlaxTyphoon, here's what we tracked across every region. research.checkpoint.com/2026/2025-the-…
AI tools are now part of the attack surface. CPR demonstrated “AI as a proxy”: Grok & Copilot can be steered to fetch attacker URLs and relay C2. Pair that with AI-driven malware, and you get prompt-powered implants that adapt at runtime. research.checkpoint.com/2026/ai-in-the…
In 2025, Amaranth-Dragon APT weaponized the popular WinRAR CVE-2025-8088 for targeted espionage across Southeast Asia. Custom loader, Telegram RAT, geofenced C2, and event-themed lures. research.checkpoint.com/2026/amaranth-…