The rise of GenAI has pushed social engineering and phishing to new levels. What once required manual effort can now be generated in seconds, resulting in hyper-personalized messages, cloned executive voices, and even realistic video impersonations. Deepfake incidents have already moved from online curiosity to real business risk, driving financial loss and operational disruption in organizations worldwide.  On everyday collaboration platforms, verifying identity has become increasingly difficult. Real-time face and voice cloning remove many traditional warning signs, making scams harder to spot than ever. As the threat landscape shifts, organizations need modern defenses and smarter awareness programs designed for the realities of the AI era.  Check Point Services has recently expanded its training portfolio to help […]

The post Augmented Phishing: Social Engineering in the Age of AI appeared first on Check Point Blog.

Global Attack Volumes Remain Elevated Worldwide  In February 2026, global cyber attack activity remained near record levels, confirming that elevated attack volumes are becoming the new normal for organizations worldwide. The average number of weekly cyber attacks per organization reached 2,086, representing a 9.6% increase year over year, while remaining essentially flat month over month (-0.2% compared to January 2026). This stabilization at a high baseline reflects a sustained pressure environment rather than a short‑term surge. Despite a slowdown in ransomware activity compared to the same period last year, overall attack volumes continue to rise, driven by automation, expanding digital footprints, and persistent exposure risks linked to enterprise GenAI usage. Check Point Research data shows that February’s […]

The post Global Cyber Attacks Remain Near Record Highs in February 2026 Despite Ransomware Decline appeared first on Check Point Blog.

Key Findings Since the recent escalation in the Middle East, Check Point Research has observed increased activity by Chinese-nexus APT actors in the region, particularly targeting Qatar The Chinese-nexus threat actor Camaro Dragon attempted to deploy a variant of PlugX malware against Qatari targets within one day of the launch of Operation Epic Fury and the onset of the escalation in the Middle East The attackers leveraged the ongoing war in the Middle East to make their lures more credible and engaging, demonstrating the ability to rapidly adapt to major developments and breaking news The use of payloads such as […]

The post China-Nexus Activity Against Qatar Observed Amid Expanding Regional Tensions appeared first on Check Point Blog.

Fragmented products and solutions sprawled across multiple environments create significant visibility gaps, which attackers look for to exploit. To close these gaps, Check Point Services has now introduced CPR Act, an expert‑led unit that covers the entire security lifecycle with continuous intelligence, coordinated action, and clear outcomes. This unified approach eliminates blind spots and ensures that every phase of security feeds into the next, creating a connected and predictable defense.  This elite team of experts brings top researchers, analysts, and responders together to provide organizations with a clear, research‑based insight to act decisively. It operates through four foundational pillars:  Intelligence: […]

The post Introducing CPR Act: A Unified Approach for a Full‑Lifecycle Security appeared first on Check Point Blog.

Recognizing Excellence, Innovation, and Impact Across the Region  Check Point Software Technologies recognized the top partners across the Asia Pacific region, during the Check Point Software Technologies Sales Kickoff APAC event in Bangkok, Thailand, attended by almost 1,000 employees and partners. These awards are handed out to outstanding partners across Asia Pacific who have delivered exceptional customer outcomes, driven sustained growth, and advanced prevention first, AI powered cyber security across the region.   As cyber threats across Asia Pacific continue to intensify in both scale and sophistication — fuelled by AI-driven attacks, expanding hybrid and cloud ecosystems, and growing regulatory and operational complexity across the varied APAC countries, especially around AI, our top-performing partners play a critical role in helping organizations strengthen […]

The post Powering Cyber Resilience Across APAC: Celebrating Check Point’s APAC FY25 Partner Award Winners appeared first on Check Point Blog.

Your whitelist is not a wall. For nation-state attackers, it’s a map, showing exactly who to compromise to get to your assets. $1,788,000,000 STOLEN FROM INSTITUTIONS WITH WHITELISTS, MULTISIGS, AND HARDWARE WALLETS IN PLACE TL;DR When you hold significant assets on a public blockchain, nation-state groups will target you – not if, but when Your whitelist tells attackers exactly which vendors and counterparties to compromise to reach your funds Bybit ($1.5B), WazirX ($235M), and Radiant ($53M) all had whitelists. All were drained through whitelisted entities The correct assumption: every whitelisted address is potentially compromised. Trust must be verified in real […]

The post The Whitelist Illusion – When Your Trusted List Becomes a Billion Dollar Attack Path appeared first on Check Point Blog.

Silver Dragon is a China nexus cyber espionage group targeting government ministries and public sector organizations across Southeast Asia, with additional victims identified in Europe The group gains initial access through exploitation of public-facing servers and targeted phishing campaigns aimed at government entities It maintains long-term persistence by hijacking legitimate Windows services, thus allowing malware processes to blend into normal system activity A custom backdoor, GearDoor, enables covert command-and-control communications via Google Drive, blending malicious traffic with normal cloud usage The campaign remains relevant as attackers continue to abuse trusted enterprise services and legitimate system components to evade detection Based […]

The post Silver Dragon: China Nexus Cyber Espionage Group Targeting Governments in Asia and Europe appeared first on Check Point Blog.

The CVSS Blind Spot For years, CVSS scores have been the default metric for vulnerability severity. But severity does not equal risk. A CVSS 9.8 vulnerability that is never exploited is less dangerous than a CVSS 6.5 actively used in ransomware campaigns. Yet many organizations still chase the highest scores first, wasting time and leaving real threats exposed. KEV lists help, but they are reactive and often lag behind active exploitation. Attackers move faster than static scoring systems. If your prioritization strategy starts and ends with CVSS, you are playing catch-up. If vulnerability management feels overwhelming, the numbers explain why. […]

The post How Threat Intelligence and Multi-Source Data Drive Smarter Vulnerability Prioritization appeared first on Check Point Blog.

A Practical Q&A Guide for Leaders Navigating NIST, Zero Trust, and AI Governance  Q1. Why does national cyber security feel more urgent than ever?  Answer:  Cyber security is no longer something that happens quietly in server rooms or security operations centers. It now affects fuel availability, hospital operations, elections, financial markets, and public trust.  What has changed is not just the volume of cyber attacks, but their intent. Adversaries are no longer satisfied with stealing data. They are embedding themselves into systems, waiting patiently, and positioning for disruption at moments of national stress. Cloud platforms, AI systems, and operational technology have dramatically expanded the attack […]

The post National Cyber Resilience in the AI Era appeared first on Check Point Blog.