Contact us

Questions, corrections, partnerships, drop us a note.

TheStateOfIsrael.com

About this site

What you'll find

  • Live News Updates
  • Knowledge bases
  • Hebrew tutorials
  • Community features

Get in touch

Please reach out with any questions, comments, or corrections.

Iran-Linked Cavern Malware Targets Israeli IT and Government Sectors

Check Point Research reported that Cavern Manticore, an Iran-nexus actor linked to Tehran's Ministry of Intelligence and Security, has used a modular .NET command-and-control framework against Israeli organizations, especially IT providers and government-sector targets. The report says the operators abused trusted RMM and supplier relationships, including a SysAid software-update path that loaded a trojanized uxtheme.dll agent, to move from an IT provider toward higher-value victims. The Cavern modules support file and database browsing, Active Directory reconnaissance, network scanning, brute-force attempts and tunneling. Iran's campaign against Israel continues in cyberspace even between missile rounds, so the finding reinforces the need for hardened supplier access, monitored remote-management tools and disciplined Israeli cyber defense.

Sources

Primary:Updated as of July 7, 20261Secondary:Updated as of July 7, 20262345

Comments

Iran-Linked Cavern Malware Targets Israeli IT and Government Sectors

Contact us

Questions, corrections, partnerships, drop us a note.

TheStateOfIsrael.com

About this site

What you'll find

  • Live News Updates
  • Knowledge bases
  • Hebrew tutorials
  • Community features

Get in touch

Please reach out with any questions, comments, or corrections.

Something went wrong

We couldn't complete that action. Check your connection and try again.