13th July – Threat Intelligence Report
Check Point Research's latest Threat Intelligence Report highlights significant cybersecurity events from the week of July 13, 2026. Among the top incidents was a breach at U.S. auto insurer AssuranceAmerica impacting 7 million individuals due to compromised employee credentials. Latvia’s state-owned forestry company also fell victim to a ransomware attack exploiting an unpatched system for two years. In the realm of vulnerabilities, multiple Tenda router models were found vulnerable via an undocumented backdoor (CVE-2026-11405), while Linux maintainers patched a severe flaw in the KVM hypervisor (CVE-2026-53359). Additionally, AI threats emerged with JadePuffer, an LLM-driven ransomware operation exploiting CVE-2025-3248. These developments underscore the growing complexity and scale of modern cyber threats.
For the latest discoveries in cyber research for the week of 13th July, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
- U.S. auto insurer AssuranceAmerica has disclosed a data breach affecting approximately 7 million people. Attackers targeted an employee and used compromised credentials to access company systems, stealing names, contact information, driver’s license numbers, insurance policy and account data, vehicle information, and claims details.
- Latvia’s state-owned forestry company Latvijas Valsts Meži has suffered a ransomware attack that disrupted mapping, hunting, contractor, and customer systems. Attackers exploited a system that had remained unpatched for two years and leaked approximately 44GB of internal documents, credentials, cryptographic keys, source code, and email correspondence.
- Injective Labs, a developer of blockchain and cryptocurrency software, has experienced a supply chain compromise after attackers accessed its SDK project and published malicious npm packages. The affected releases exfiltrated cryptocurrency wallet private keys and seed phrases when developers used legitimate key-generation functions embedded in the compromised software.
- Moody Bible Institute, a U.S. faith-based educational institution, has disclosed a data breach affecting more than 2.3 million donors, students, alumni, and supporters. The ShinyHunters extortion group published allegedly stolen information, including names, dates of birth, residential addresses, email addresses, and phone numbers.…