BLACK HAT 2025 – SecurityScorecard today released new threat intelligence exposing how Iranian state-linked hacking groups coordinated cyberattacks in support of military operations during the 12-Day War with Israel. The company’s STRIKE team analyzed more than 250,000 messages across 178 Telegram groups, revealing a timeline of phishing campaigns, malware delivery and coordinated propaganda aligned with real-world airstrikes. This research shows how cyber operations now move in lockstep with kinetic conflict.

At the same time, SecurityScorecard reported a 124% year-over-year increase in channel-led pipeline, driven by the continued growth of its SCORE Partner Program and MAX managed service. More than 600 partners are now helping customers detect, escalate and resolve supply chain threats. Together, these developments show how SecurityScorecard is moving from passive risk scoring to active defense, giving security teams the intelligence, workflows and partner reach to reduce response time and take control of third-party risk.

STRIKE Research Exposes Iranian Cyber Operations Tied to Kinetic Warfare

SecurityScorecard’s STRIKE team's new research, “From The Depths of the Shadows: IRGC and Hacker Collectives Of The 12-Day War,” exposes how cyber-operations became a critical extension of the conflict between Iran and Israel in June 2025.

Key findings include:

• Coordinated campaigns across Telegram and other platforms: Hacktivist and state-linked groups used Telegram channels as command hubs for reconnaissance, propaganda and recruitment.
• Rapidly deployed phishing campaigns: STRIKE identified IRGC-linked phishing operations spun up within hours of the first air strikes, carrying malware payloads designed for disruption.
• Tactical shifts by Imperial Kitten (aka Tortoiseshell): The state-linked threat actor pivoted its operations in real time, aligning social engineering tactics and malware delivery with military actions.

“This research reveals how digital and kinetic warfare are now deeply intertwined,” said Ryan Sherstobitoff, Field Chief Threat Intelligence Officer at SecurityScorecard. “Partners and customers need this level of intelligence to prepare for the next wave of threats, because the next geopolitical flashpoint will likely bring the same combination of cyber disruption and real-world consequences.”

Channel-Led Growth Surges as SCORE Partner Program and MAX Drive Success

Alongside its threat intelligence leadership, SecurityScorecard reported 124% year-over-year growth in its channel-sourced pipeline. This momentum stems from its SCORE Partner Program and MAX managed service, both built to enable partners to deliver supply chain risk response at scale.

In the first half of 2025, the company:

• Increased total partner-affiliated pipeline by 30% year-over-year
• Increased partner-affiliated pipeline average sales price by 89% year-over-year
• Grew six-figure and above opportunities with channel partners by 69% year-over-year, resulting in almost 100 opportunities in the first half of 2025
• Built a global network of 600+ partners

“We’re investing deeply in our partners, and it’s paying off,” said Mark Stevens, SVP of Channels and Alliances at SecurityScorecard. "SCORE gives MSSPs and resellers the tools to deliver real cyber risk services. With third-party threats exploding, this isn't nice-to-have anymore. It's table stakes."

This momentum is being driven by MAX, SecurityScorecard’s managed service offering and the first solution built for Supply Chain Detection and Response. MAX empowers MSSPs to act as virtual supply chain incident responders, using SecurityScorecard’s threat telemetry, AI-driven scoring and workflows to detect and resolve risks across a customer’s extended ecosystem.

What’s Next for 2025

SecurityScorecard is offering select customers early access to a new Supply Chain Detection and Response platform powered by the company’s own threat intelligence, cybersecurity telemetry and global vendor exchange. Public beta will start at the end of 2025. Join the waitlist to get access before the launch.

Key Resources

• Visit the SecurityScorecard team at Black Hat August 6-7 at Booth 3457.
• Download the latest STRIKE threat research.
• Learn more about the SCORE Partner Program.
• Book a demo with the SecurityScorecard team.

About SecurityScorecard

SecurityScorecard created Supply Chain Detection and Response (SCDR), transforming how organizations defend against the fastest-growing threat vector—supply chain attacks. Our industry-leading security ratings serve as the foundation and core strength, while SCDR continuously monitors third-party risks using our factor-based ratings, automated assessments and proprietary threat intelligence, to resolve threats before they become breaches. MAX enables response and remediation capability, working through our service partners to protect the entire supply chain ecosystem while strengthening operational resilience, enhancing third-party risk management and mitigating concentrated risk.

Trusted by over 3,000 organizations—including two-thirds of the Fortune 100—and recognized as a trusted resource by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Backed by Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, NGP, Intel Capital and Riverwood Capital, SecurityScorecard delivers end-to-end supply chain cybersecurity that safeguards business continuity.

Learn more at securityscorecard.com or follow us on LinkedIn.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250805406220/en/