Normal view

Received — 8 June 2026 Check Point Blog

Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)

8 June 2026 at 12:35

Check Point Research has identified active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol. By exploiting a logic flaw in certificate validation, an attacker can establish a VPN session without possession of a valid password, effectively bypassing authentication requirements. Additional post-authentication activity is required to access internal resources or escalate privileges. To date, the observed exploitation has been limited to a few dozen targeted organizations globally. One case involved confirmed post-compromise activity associated with Qilin ransomware affiliate. Customers using IKEv1 key […]

The post Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) appeared first on Check Point Blog.

The AI Defense Plane: Securing the New Enterprise Execution Layer

3 June 2026 at 10:02
AI Defense Plane

Enterprise security has always had a comforting assumption baked into it: systems do what they were built to do. Sometimes badly. Sometimes insecurely. Sometimes in ways that make auditors develop a nervous twitch. But still, the basic shape was understandable. Applications processed requests. Databases stored data. APIs connected systems. Users clicked things they probably should not have clicked. Then AI arrived and made the whole thing a little weird. AI did not introduce one neat new risk category. Security teams are very good at turning new risk categories into taxonomies, dashboards, and meetings with names like “working group.” The real […]

The post The AI Defense Plane: Securing the New Enterprise Execution Layer appeared first on Check Point Blog.

The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem

2 June 2026 at 21:57

When people hear about hackers “asking an AI chatbot” to help them take over Instagram accounts, the instinctive reaction is to file it under prompt injection, jailbreaks, or “the model got tricked.”  That may be the wrong lesson.  According to reporting from 404 Media, hackers claimed they used Meta’s AI support chatbot to gain access to high-profile Instagram accounts by asking it to change the email address associated with the target account. The reported incidents coincided with several high-profile account takeovers, including accounts linked to the Obama White House, Sephora, and the Chief Master Sergeant of the Space Force.    […]

The post The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem appeared first on Check Point Blog.

The Server Seizure That Affects Also Iran’s Cyber Operations

1 June 2026 at 10:55

On May 22, 2026, Dutch financial-crime investigators walked into data centers in Dronten and Schiphol-Rijk and seized approximately 800 servers. The target was WorkTitans B.V., a hosting provider that, on the surface, looked like any other internet infrastructure company. What investigators uncovered, however, was something far more significant: a ghost operation built on sanctioned infrastructure, quietly serving as the backbone for some of Iran’s most active cyber espionage campaigns. The story starts a year earlier. In May 2025, the European Union sanctioned Stark Industries, an internet service provider linked to Russian information-warfare operations. Rather than shutting down, the people behind […]

The post The Server Seizure That Affects Also Iran’s Cyber Operations appeared first on Check Point Blog.

Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA

1 June 2026 at 07:30

At GTC Taipei during COMPUTEX 2026, NVIDIA is highlighting the growing adoption of its NVIDIA Vera BlueField-4 STX architecture and introducing new NVIDIA DOCA-powered innovations designed to secure the next generation of enterprise AI infrastructure. As organizations continue scaling AI factories, private LLM environments, distributed inference systems, and increasingly autonomous AI operations, enterprise infrastructure requirements are rapidly evolving. Modern AI environments combine high-performance compute, distributed storage systems, inference pipelines, Kubernetes clusters, APIs, GPU server farms, and sensitive enterprise data operating continuously at enormous scale. At the same time, AI-driven environments are introducing increasingly dynamic machine-to-machine interactions across infrastructure, applications, and […]

The post Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA appeared first on Check Point Blog.

Check Point Frontier AI Models Readiness Program – Security Update

26 May 2026 at 14:50

At Check Point we don’t wait for threats to evolve; we evolve ahead of them. This is why we’ve been running our Frontier AI Models Readiness Program: a proactive, structured initiative designed to ensure that our products remain resilient as AI models grow increasingly capable of understanding complex software systems and assisting adversaries in attacking them. As part of this program, we conducted large-scale AI-driven code scanning across our products, performed extensive security reviews, hardened components where needed, refined our time-to-patch procedures, and accelerated our protection development processes to meet the pace of emerging AI-driven threats. Today’s Jumbo Security Release […]

The post Check Point Frontier AI Models Readiness Program – Security Update appeared first on Check Point Blog.

2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation

By: anap
26 May 2026 at 14:40

As AI rapidly reshapes industries, the role of the cloud has become even more critical. From automated customer experiences to intelligent cyber security and predictive analytics, AI transformations are increasingly being built on a cloud-first foundation. Over the past two years, AI has swiftly moved from an experimental state to an operational reality, with every leading organization embedding AI into the core of how they build, operate, and compete. However, security architectures have not kept pace with the AI transformation. Closing that gap requires more than incremental fixes. It demands a rethinking of how security is designed, deployed, and enforced […]

The post 2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation appeared first on Check Point Blog.

Received — 19 May 2026 Check Point Blog

The Network Security Problem No One Could Solve – Until Now.

19 May 2026 at 15:00

Networks used to be simple. A perimeter. A data center. A set of rules a single engineer could hold in their head. That world is long gone. Every wave of enterprise transformation – cloud migration, M&A, hybrid multi-cloud, IoT, remote work – added another layer of complexity. Each with its own topology, traffic patterns, and security assumptions. The complexity grew exponentially. And security followed, manually – more policies to author, more configurations to validate, more vendors to manage. The part that doesn’t show up in vendor presentations is that modern network security runs on institutional know-how. It lives in the […]

The post The Network Security Problem No One Could Solve – Until Now. appeared first on Check Point Blog.

Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026

14 May 2026 at 14:55

The FIFA World Cup 2026 is one of the most anticipated sporting events in history, and cyber criminals are already capitalizing on excitement. As matches kick off across the United States, Canada, and Mexico, threat actors are flooding the internet with fake merchandise stores, fraudulent betting platforms, and phishing domains designed to steal your money and personal data. This report breaks down the latest threat landscape so fans can stay safe while enjoying the beautiful game.  As the host countries of the FIFA World Cup 2026, the United States, Canada, and Mexico all recorded an increase in the weekly average number of cyber-attacks per organization in April 2026 compared to both […]

The post Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026 appeared first on Check Point Blog.

Received — 11 May 2026 Check Point Blog

Q1 2026 Ransomware Report: Fewer Groups, Higher Impact

11 May 2026 at 12:00

Ransomware activity remained elevated in Q1 2026, continuing the trend established over the past year. According to the State of Ransomware Q1 2026 report from Check Point Research, overall attack volume stayed near historic highs. At the same time, the structure of the ransomware ecosystem changed materially. After two years of increasing fragmentation, activity is consolidating around a smaller number of dominant groups. For organizations, this shift reduces the number of active actors but increases the potential impact of individual incidents.  Key Findings: 2,122 organizations were listed on ransomware data leak sites in Q1 2026, making it the second-highest Q1 on record The top […]

The post Q1 2026 Ransomware Report: Fewer Groups, Higher Impact appeared first on Check Point Blog.

World Password Day 2026: Why “Strong Passwords” Can’t Save You from AI, Infostealers, and the Telegram Underground

7 May 2026 at 15:00

As we recognize World Password Day in 2026, the traditional advice to “use a complex password with numbers and symbols” feels hopelessly outdated. Today, a 16-character password is useless if an infostealer malware extracts it directly from a browser cache, or if an employee willingly pastes it into an unmanaged AI chatbot. Welcome to the real World Password Day 2026. Not the one where we remind you to add an exclamation mark to “Password123.” The one where we pull back the curtain on the global industrial marketplace that has quietly been built on the back of our collective password failures — a […]

The post World Password Day 2026: Why “Strong Passwords” Can’t Save You from AI, Infostealers, and the Telegram Underground appeared first on Check Point Blog.

Check Point Cyber Security Now Available Across All Levels of U.S. Government

30 April 2026 at 14:00

We’re proud to announce that Check Point has earned GovRAMP Authorization for the Check Point Infinity Platform for Government. This is a big milestone for the company and is a reflection of our unparalleled prevention-first capabilities, which were recently ranked #1 for the fourth consecutive year in Miercom’s 2026 Hybrid Mesh Network Security Assessment (Check Point achieved the top overall security effectiveness score of 99.8%, with 100% phishing detection and 99.9% AI-powered malware prevention versus leading competitors).  Combined with FedRAMP Authorization achieved in 2025, this means Check Point now delivers security-vetted protection across federal, state, local, and tribal governments, providing a consistent, trusted cyber security framework across all levels of U.S. public sector operations.  This […]

The post Check Point Cyber Security Now Available Across All Levels of U.S. Government appeared first on Check Point Blog.

VECT Ransomware: Why Paying Won’t Get Your Files Back

28 April 2026 at 15:00

Do not pay the ransom. VECT permanently destroys large files rather than locking them. Even the attackers cannot recover them. Payment will not restore your data  VECT partnered with TeamPCP and BreachForums to build one of the largest ransomware affiliate networks ever assembled, giving them a ready-made pipeline to thousands of potential victims  The encryption flaw exists across all versions. Windows, Linux, and ESXi variants are all affected. The bug has been present since before the public 2.0 release and has never been fixed  Advertised features don’t work. Encryption speed modes, anti-analysis protections, and other capabilities are either unimplemented or broken  Check Point Threat Emulation and Harmony Endpoint provide full protection against all known […]

The post VECT Ransomware: Why Paying Won’t Get Your Files Back appeared first on Check Point Blog.

Received — 23 April 2026 Check Point Blog

Experience AI-Powered Check Point Firewall at Google Cloud Next

22 April 2026 at 15:00

Today’s enterprises demand Zero Trust security, everywhere. Cloud security teams require high-performance protection without the burden of managing firewalls at scale. For this reason, organizations are seeking managed network security solutions that reduce operational overhead while improving consistency, visibility, and prevention across complex multi-cloud environments. Responding to that demand, Check Point is continuing rollout of an AI-powered cloud firewall as a service now available for preview on Google Cloud, as well as Amazon Web Services (AWS) and Microsoft Azure.  There will be demos of the new firewall service at the Check Point Booth #3101 in the Google Next Solution Expo.  Check Point Cloud Firewall as a Service eliminates the complex overhead of managing firewall software infrastructure, giving busy DevOps and Security teams time to focus on policy management, compliance, and other strategic initiatives.   Continued Evolution of Cloud Firewalls  Cloud Firewall as a Service on Google Cloud marketplace delivers the power of Cloud Firewall (formerly Guard Network Security) with advanced threat prevention, AI-driven security intelligence, automated policy […]

The post Experience AI-Powered Check Point Firewall at Google Cloud Next appeared first on Check Point Blog.

AI Finds Every Gap: How Many Can Your Network Survive?

21 April 2026 at 15:00

Anthropic’s reported development of Claude Mythos signals a shift: AI is compressing attack timelines by accelerating vulnerability discovery, exploit development, and multi-step attack planning. More broadly, AI is increasing the speed and scale of attacks across malware, phishing, and vulnerabilities. Attackers can now run these vectors in parallel, reducing time to compromise and increasing exposure. AI also enables more targeted phishing, faster malware iteration, and rapid vulnerability discovery, exposing gaps in detection and exposure management earlier and requiring prevention-first controls and real-time detection. To see how these challenges translate into real-world performance, and how leading security vendors handle them under […]

The post AI Finds Every Gap: How Many Can Your Network Survive? appeared first on Check Point Blog.

The Phishing Paradox: The World’s Most Trusted Brands Are Cyber Criminals’ Entry Point of Choice

16 April 2026 at 14:00

In Q1 2026, Microsoft continued to be the most impersonated brand in phishing attacks, accounting for 22% of all brand impersonation attempts, according to data from Check Point Research (CPR). The results reinforce a long‑standing trend: attackers consistently exploit highly trusted brands to steal credentials and gain initial access to personal and enterprise environments. Apple climbed to second place with 11%, reflecting attackers’ increasing focus on consumer ecosystems tied to payments, identity, and personal devices. Google followed closely in third place at 9%, while Amazon ranked fourth with 7%. LinkedIn rose to fifth place with 6%, highlighting sustained attacker interest […]

The post The Phishing Paradox: The World’s Most Trusted Brands Are Cyber Criminals’ Entry Point of Choice appeared first on Check Point Blog.

World Quantum Day 2026: The Harvest Has Already Begun, Are You Prepared?

By: anap
14 April 2026 at 15:00

On World Quantum Day, much of the conversation celebrates breakthroughs in medicine, materials, and computing. But for cyber security leaders, quantum computing represents a fundamental disruption to the cryptographic foundations that secure our digital world. Q-Day is closer than you think What was once considered a distant, theoretical risk is rapidly becoming reality. Advances in quantum computing, including improved algorithms and reduced qubit requirements, are accelerating timelines. What the industry once viewed as a 2040s challenge is now approaching within years. In late 2025, Gartner elevated Post-Quantum Cryptography (PQC) migration to a board-level priority, urging action ahead of a 2030 […]

The post World Quantum Day 2026: The Harvest Has Already Begun, Are You Prepared? appeared first on Check Point Blog.

Why Manufacturing Cyber Security is Becoming More Complex as Cyber Attacks Accelerate

13 April 2026 at 15:50

The global manufacturing sector entered 2025 facing one of the most aggressive cyber threat environments in its history. Digital transformation, smart factories, and interconnected supply chains have expanded operational efficiency to places 50 years ago we wouldn’t have thought possible. But, this comes with unprecedented cyber risk. According to the Manufacturing Threat Landscape 2025 report, cyber incidents targeting manufacturing increased sharply year over year, placing the industry at the center of global ransomware activity. Manufacturing Becomes the Primary Ransomware Target In 2025, global ransomware incidents reached 7,419 documented cases, representing a 32 percent increase year over year. Manufacturing was the […]

The post Why Manufacturing Cyber Security is Becoming More Complex as Cyber Attacks Accelerate appeared first on Check Point Blog.

Two Types of Threat Intelligence That Make Security Work

18 February 2026 at 13:00

The problem isn’t that we lack threat intelligence. It’s that we lack the right kind of intelligence, intelligence that connects what’s happening inside your environment with what attackers are planning outside it. That’s why two types of threat intelligence matter: internal and external. Alone, each tells part of the story. Together, they create clarity. Why Threat Intelligence Alone Falls Short Most organizations subscribe to multiple threat feeds. They pour in from every direction, generic, fragmented, and often delayed. Instead of clarifying risk, they confuse it. “Organizations still make critical decisions based on incomplete or underrefined threat data.” — Gartner, The […]

The post Two Types of Threat Intelligence That Make Security Work appeared first on Check Point Blog.

Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files

13 February 2026 at 13:00

As malware evades detection by hiding inside password-protect zip files, new Threat Emulation capabilities enable inspecting and blocking malicious ZIP files without requiring their password. As cyber defenses evolve, so do attacker tactics. One of the most persistent evasion techniques in the wild involves embedding malware inside password-protected ZIP files, making it difficult for traditional security tools to inspect their content. The Challenge: Breaking the Password Delivery Chain Attackers have adapted. Their new strategy? Splitting the delivery path: The malicious ZIP file is sent via email. The password arrives through an out-of-band channel, often SMS or messaging apps. This multi-channel […]

The post Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files appeared first on Check Point Blog.

❌