VYPR
advisoryPublished Jul 13, 2026· 1 source

Check Point Research Weekly Bulletin Details Major Breaches, AI-Driven Attacks, and Critical Vulnerabilities

Check Point Research's latest threat intelligence report covers a wide array of cyber incidents, including a massive data breach at AssuranceAmerica, ransomware attacks, supply chain compromises, and novel AI-powered threats.

Check Point Research has released its weekly threat intelligence bulletin, detailing a diverse range of cyber incidents that occurred during the week of July 13th. The report highlights significant data breaches, sophisticated ransomware operations, and emerging threats leveraging artificial intelligence.

In the realm of data breaches, U.S. auto insurer AssuranceAmerica disclosed an incident affecting approximately 7 million individuals. Attackers gained access to company systems using compromised credentials, exfiltrating sensitive data such as names, contact information, driver's license numbers, insurance policy details, and vehicle information. Similarly, Latvia's state-owned forestry company, Latvijas Valsts Meži, fell victim to a ransomware attack that disrupted its operations. The attackers exploited an unpatched system, leading to the leakage of 44GB of internal documents, credentials, and source code.

Supply chain attacks remain a significant concern, with Injective Labs, a developer of blockchain and cryptocurrency software, experiencing a compromise. Malicious npm packages were published to its SDK project, which, when used by developers, exfiltrated cryptocurrency wallet private keys and seed phrases. Moody Bible Institute also reported a breach affecting over 2.3 million donors, students, and alumni, with the ShinyHunters group allegedly publishing stolen personal information.

The report also sheds light on the growing threat of AI in cyberattacks. Researchers profiled JadePuffer, an autonomous ransomware operation that utilized a large language model to conduct an intrusion without direct human intervention. This operation exploited CVE-2025-3248 in an exposed Langflow instance, leading to data exfiltration, database deletion, and an extortion demand. Furthermore, researchers demonstrated how malicious instructions hidden within open-source project files could be executed by AI coding agents like Anthropic Claude Code and OpenAI Codex, posing a risk to automated development tools.

Beyond AI-driven threats, several critical vulnerabilities were detailed. Multiple Tenda router models are affected by CVE-2026-11405, an undocumented authentication backdoor allowing administrative access. Linux maintainers have patched CVE-2026-53359, a critical vulnerability in the Kernel-based Virtual Machine (KVM) hypervisor that could allow a malicious guest virtual machine to escape to the host environment. Additionally, six vulnerabilities in U-Boot affecting signature verification of Flattened Image Tree files were addressed, with some enabling arbitrary code execution.

Opera has also patched a critical vulnerability in its Opera GX browser that allowed malicious websites to install modifications without user confirmation, potentially leading to information leakage and browser crashes. The report also covers emerging threat actors, such as Cavern Manticore, an Iran-linked group targeting Israeli organizations, and provides an analysis of global cyberattack activity in June 2026, which saw a 33% increase in ransomware incidents compared to the previous year.

Overall, the Check Point Research bulletin underscores the dynamic and evolving threat landscape, emphasizing the need for continuous vigilance against both traditional cyber threats and novel AI-powered attacks, alongside prompt patching of known vulnerabilities.

Synthesized by Vypr AI