Cavern Manticore campaign targeting Israeli government and IT organizations
Campaign
Summary
Hide ▲
Show ▼
The Cavern Manticore campaign is targeting Israeli government and IT organizations since early 2026, increasing the risk of unauthorized access and data theft in sensitive networks. The operation uses abused RMM software, browser-based remote desktop tools, and malicious updates to gain footholds and move laterally. Researchers also found a previously undocumented modular .NET C2 framework that helps the group evade detection and maintain persistence.
Related Happenings
Silver Dragon intrusion and phishing campaign targeting Europe, Southeast Asia, and Uzbekistan
Campaign
H score36
First: 04.03.2026 10:14
Last: 04.03.2026 10:14
Sources 1
About this happening:
The **Silver Dragon** campaign is actively using **public-facing internet servers** and **phishing emails with malicious attachments** to gain initial access, expanding risk acros...
Silver Dragon intrusion and phishing campaign targeting Europe, Southeast Asia, and Uzbekistan
CampaignAbout this happening: The **Silver Dragon** campaign is actively using **public-facing internet servers** and **phishing emails with malicious attachments** to gain initial access, expanding risk acros...
Konni blockchain developer targeting campaign with AI-generated PowerShell malware
Campaign
H score33
First: 24.01.2026 17:23
Last: 24.01.2026 17:23
Sources 1
About this happening:
**Konni (Opal Sleet, TA406)** is running an **active campaign** that uses **AI-generated PowerShell malware** to target **developers and engineers in the blockchain sector**, with...
Konni blockchain developer targeting campaign with AI-generated PowerShell malware
CampaignAbout this happening: **Konni (Opal Sleet, TA406)** is running an **active campaign** that uses **AI-generated PowerShell malware** to target **developers and engineers in the blockchain sector**, with...
Ink Dragon European government relay-node campaign
Campaign
H score31
First: 17.12.2025 11:30
Last: 17.12.2025 11:30
Sources 1
About this happening:
A **China-linked** group is turning **misconfigured European government servers** into relay nodes to hide **cyber-espionage**, expanding the operational footprint and making dete...
Ink Dragon European government relay-node campaign
CampaignAbout this happening: A **China-linked** group is turning **misconfigured European government servers** into relay nodes to hide **cyber-espionage**, expanding the operational footprint and making dete...
Timeline
-
06.07.2026 19:00 2 articles · 3d ago
Check Point details Cavern Manticore campaign against Israeli government and IT organizations
Initial DisclosureCheck Point Research identified Cavern Manticore as a new Iranian government-linked threat group targeting Israeli government and IT organizations since early 2026, and described a previously undocumented modular .NET command-and-control framework used to support access, persistence, reconnaissance, data theft, tunnelling, and lateral movement. The researchers also linked the operation to abuse of existing remote monitoring and management (RMM) software, browser-based remote desktop tools, SysAid software updates, and attacker infrastructure including cac.aspx and hospitalinstallation[.]com.
Show sources
- New Iran-Nexus Hacking Group Targets Israel Government and IT Sectors — www.infosecurity-magazine.com — 06.07.2026 19:00
- New Iran-Nexus Hacking Group Targets Israel Government and IT Sectors — www.infosecurity-magazine.com — 06.07.2026 19:00