Source: Shutterstock
A newly identified hacker group believed to be linked to Iran has launched a sophisticated cyber campaign targeting Israeli government agencies and IT service providers, according to a new report from Israeli cybersecurity company Check Point.
The group, dubbed Cavern Manticore, has reportedly been conducting attacks since the beginning of 2026, using advanced techniques to quietly infiltrate networks. Researchers say the hackers exploit legitimate remote administration tools and trusted software update mechanisms, making their operations difficult to detect, The Caspian Post reports via InfoSecurity Magazine.
The campaign has primarily focused on Israeli government institutions and technology companies that provide critical IT services.
In a threat intelligence report released on July 6, researchers said the group's ability to penetrate organizations in the government and defense sectors during the US military campaign Operation Epic Fury demonstrated a high level of operational discipline and carefully selected targets.
The cybersecurity firm noted that Cavern Manticore's tactics closely resemble those used by the MuddyWater and Lyceum hacking groups, both of which have previously been linked by security researchers to Iran's Ministry of Intelligence.
Check Point also said the group's cyber activity intensified during the recent US military campaign involving Iran, suggesting a rapid escalation in its operations and highlighting the growing role of cyber warfare amid heightened regional tensions.
Share on social media