Reading view

From Stars to Upvotes: The Fake Reputation Economy Behind a Crypto Clipboard Hijackers

Key Findings Trust is being manufactured at scale. A single threat actor built a cross-platform ecosystem: a WordPress phishing hub, GitHub and SourceForge projects, a YouTube channel, crypto forums, and even posts on legitimate news sites, all engineered to make a malicious “tool” look popular, vetted, and safe Reputation systems themselves are now a target. The actor seeds benign votes and “safe” community comments on VirusTotal samples that already carry low detection rates, nudging reputation-based defenses toward misclassifying clearly malicious files as harmless AI is woven into the lure. Fake “tutorial” videos pair real-looking desktop demos with AI-generated narrators and […]

The post From Stars to Upvotes: The Fake Reputation Economy Behind a Crypto Clipboard Hijackers appeared first on Check Point Blog.

  •  

AI Red Teaming Makes the Unknowns Known

AI Red Teaming Makes the Unknowns Known

AI security is getting attention because AI has stopped being a side experiment.  It is now part of how work gets done. Employees use copilots to write, research, code, and analyze. Product teams are adding AI into customer experiences. Developers are building applications on top of foundation models. Business teams are experimenting with agents that can read email, summarize documents, query data, and trigger workflows.  That is a very different world from the one many AI review processes were designed for.  An AI system can pass a benchmark and still fail in production. It can behave safely in a clean test environment and then encounter real […]

The post AI Red Teaming Makes the Unknowns Known appeared first on Check Point Blog.

  •  

Check Point and Illumio Expand Partnership to Secure Hybrid Environments

Building on our previous Illumio Insights integration, Check Point and Illumio are expanding their partnership with an integration to Illumio Segmentation, helping organizations prevent threats, expose risky paths, contain lateral movement across hybrid and multi-cloud environments, and better align gateway enforcement with microsegmentation policy. Hybrid environments keep getting more complex. Applications and data now span data centers, private cloud, public cloud, SaaS, remote access paths, and shared services, while attackers are using AI to move faster from intrusion to impact. Security teams are not just trying to stop threats at the edge. They also need to see how traffic moves […]

The post Check Point and Illumio Expand Partnership to Secure Hybrid Environments appeared first on Check Point Blog.

  •  

The NCSC Patch Wave Is Coming. Do You Know Where Your Risk Lives?

The National Cyber Security Centre (NCSC) is warning organisations to prepare for an unprecedented wave of vulnerability disclosures, driven by AI-accelerated exploitation of technical debt. This commentary sets out how Check Point Exposure Management helps government, public sector, and CNI organisations get ahead of it.  The NCSC’s CTO, Ollie Whitehouse, published a clear and urgent warning in May 2026: AI is enabling threat actors to exploit long-standing technical debt at a scale and speed the industry has not seen before. A “patch wave” – a surge of vulnerability disclosures requiring rapid, large-scale remediation – is expected. For organisations operating critical […]

The post The NCSC Patch Wave Is Coming. Do You Know Where Your Risk Lives? appeared first on Check Point Blog.

  •  

Energy, Healthcare, and Finance: Why Midwest Industries Are Facing Surging Cyber Attacks

Across the United States, the average organization faced slightly fewer cyber attacks per week in May 2026 than it did a year earlier, according to Check Point Research — the national figure was essentially flat year over year. In the Central US, however, the trend ran the other way. Organizations there faced more attacks than a year ago, and more than the national average — as they did in every month of 2026.  Through the first five months of the year, the typical Central US organization faced about 1,552 cyber attacks per week, roughly 7% above the national average of […]

The post Energy, Healthcare, and Finance: Why Midwest Industries Are Facing Surging Cyber Attacks appeared first on Check Point Blog.

  •  

Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here’s What Cyber Criminals Are Actually Doing

Every summer, hundreds of millions of people book flights, reserve hotels, and plan vacations online. And every summer, cyber criminals show up to take advantage of exactly that. Check Point Research tracked the threat landscape heading into the 2026 summer travel season, and what they found should give travelers pause before they click “confirm booking.”  The hospitality sector is under targeted attack  The hospitality, travel, and recreation sector recorded 2,291 average weekly cyberattacks per organization in May 2026, a 24% increase compared to the same month last year. To put that in context, the global year-over-year rise across all industries […]

The post Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here’s What Cyber Criminals Are Actually Doing appeared first on Check Point Blog.

  •  

The AI Your Security Team Can’t See Is the One You Should Worry About

Shadow AI is no longer a theoretical risk. Employees are adopting AI tools faster than security teams can track them, often without IT’s knowledge, and frequently on devices and surfaces that traditional security tools simply can’t see. If you asked your security team right now how many AI tools are active across your organization, on which surfaces, and what’s being shared, could they answer? For most organizations, the honest answer is no. And that gap, between what your employees are doing with AI and what your security team can actually see, is where enterprise risk lives today.  AI adoption in the enterprise didn’t slow down and wait for governance to catch […]

The post The AI Your Security Team Can’t See Is the One You Should Worry About appeared first on Check Point Blog.

  •  

Check Point Engage Public Sector 2026: AI Is the New Battlefield

Last week, public sector leaders, cyber security practitioners, and technology experts gathered at the International Spy Museum in Washington, D.C. for Check Point Engage Public Sector: Securing the Mission of Public Sector Organizations in a Hyperconnected AI World. And what was on everyone’s mind? You guessed it – how federal and other public sector organizations secure mission-critical operations in an era where AI is transforming both cyber security defense and cyber warfare. What the audience learned across our several superb panel discussions was that AI has definitively become a challenging and fast-evolving battleground in the push and pull between attackers […]

The post Check Point Engage Public Sector 2026: AI Is the New Battlefield appeared first on Check Point Blog.

  •  

Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative

The model behind a security workflow shapes how fast a threat is caught, how accurately an incident is investigated, and how much a defender can trust the result. We treat that choice with care. Today we’re taking a clear step forward: Check Point has joined OpenAI’s Daybreak initiative through its Trusted Access for Cyber (TAC) program. These are real steps in how we bring AI into our defensive operations, and in the security we deliver to our customers. What Trusted Access for Cyber Gives Us Trusted Access for Cyber is OpenAI’s program for vetted security organizations that need its most […]

The post Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative appeared first on Check Point Blog.

  •  

When Your AI Agent’s Memory Becomes a Security Liability

Key Findings:   Check Point Research identified a critical vulnerability chain in LangGraph, an open-source framework from the creators of LangChain that enables developers to build complex, stateful, and controllable AI agent workflows using LLMs; they have approximately 46.5 million monthly downloads, making it one of the most widely adopted AI agent platforms in the world An SQL injection in LangGraph’s function could allow attackers to gain full control via remote code execution of a server by exploiting weaknesses in how the system processes and handles data. A compromised LangGraph server exposes everything the agent touches, including LLM API keys, customer data, CRM credentials, conversation history, and internal network […]

The post When Your AI Agent’s Memory Becomes a Security Liability appeared first on Check Point Blog.

  •  

Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)

Check Point Research has identified active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol. By exploiting a logic flaw in certificate validation, an attacker can establish a VPN session without possession of a valid password, effectively bypassing authentication requirements. Additional post-authentication activity is required to access internal resources or escalate privileges. To date, the observed exploitation has been limited to a few dozen targeted organizations globally. One case involved confirmed post-compromise activity associated with Qilin ransomware affiliate. Customers using IKEv1 key […]

The post Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) appeared first on Check Point Blog.

  •  

Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026

The FIFA World Cup 2026 kicks off on June 11. Across 16 cities in the US, Canada, and Mexico, billions of people will be watching, traveling, betting, and spending. Threat actors have been watching too, and for far longer. Check Point Research and Check Point Exposure Management spent the past year tracking the cyber threat landscape building around this tournament. What emerged is a coordinated pre-positioning effort across three sectors that sit at the center of the World Cup economy: finance, travel and hospitality, and gambling. The infrastructure is already built, with most of them already live. Financial Sector: Fraud […]

The post Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 appeared first on Check Point Blog.

  •  

The AI Defense Plane: Securing the New Enterprise Execution Layer

AI Defense Plane

Enterprise security has always had a comforting assumption baked into it: systems do what they were built to do. Sometimes badly. Sometimes insecurely. Sometimes in ways that make auditors develop a nervous twitch. But still, the basic shape was understandable. Applications processed requests. Databases stored data. APIs connected systems. Users clicked things they probably should not have clicked. Then AI arrived and made the whole thing a little weird. AI did not introduce one neat new risk category. Security teams are very good at turning new risk categories into taxonomies, dashboards, and meetings with names like “working group.” The real […]

The post The AI Defense Plane: Securing the New Enterprise Execution Layer appeared first on Check Point Blog.

  •  

The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem

When people hear about hackers “asking an AI chatbot” to help them take over Instagram accounts, the instinctive reaction is to file it under prompt injection, jailbreaks, or “the model got tricked.”  That may be the wrong lesson.  According to reporting from 404 Media, hackers claimed they used Meta’s AI support chatbot to gain access to high-profile Instagram accounts by asking it to change the email address associated with the target account. The reported incidents coincided with several high-profile account takeovers, including accounts linked to the Obama White House, Sephora, and the Chief Master Sergeant of the Space Force.    […]

The post The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem appeared first on Check Point Blog.

  •  

The 2026 U.S. Midterms Have a Cyber Problem, But it’s Not at the Ballot Box

As the U.S. approaches the 2026 elections in November, the greatest threat to voting integrity will likely not be from hackers targeting voting machines or altering ballots, but from a growing war over reality itself.   Voter influence operations are increasingly focused on manipulating the information environment surrounding voters, flooding social media and search results with misleading narratives and fake content, and impersonated news sources designed to erode trust in what people see and hear online. Sophisticated operators have already cloned major media brands like Reuters, The Washington Post, and Fox News using look-alike domains that can fool even attentive readers at a glance. In this new era of AI-powered disinformation, the […]

The post The 2026 U.S. Midterms Have a Cyber Problem, But it’s Not at the Ballot Box appeared first on Check Point Blog.

  •  

The Server Seizure That Affects Also Iran’s Cyber Operations

On May 22, 2026, Dutch financial-crime investigators walked into data centers in Dronten and Schiphol-Rijk and seized approximately 800 servers. The target was WorkTitans B.V., a hosting provider that, on the surface, looked like any other internet infrastructure company. What investigators uncovered, however, was something far more significant: a ghost operation built on sanctioned infrastructure, quietly serving as the backbone for some of Iran’s most active cyber espionage campaigns. The story starts a year earlier. In May 2025, the European Union sanctioned Stark Industries, an internet service provider linked to Russian information-warfare operations. Rather than shutting down, the people behind […]

The post The Server Seizure That Affects Also Iran’s Cyber Operations appeared first on Check Point Blog.

  •  

Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA

At GTC Taipei during COMPUTEX 2026, NVIDIA is highlighting the growing adoption of its NVIDIA Vera BlueField-4 STX architecture and introducing new NVIDIA DOCA-powered innovations designed to secure the next generation of enterprise AI infrastructure. As organizations continue scaling AI factories, private LLM environments, distributed inference systems, and increasingly autonomous AI operations, enterprise infrastructure requirements are rapidly evolving. Modern AI environments combine high-performance compute, distributed storage systems, inference pipelines, Kubernetes clusters, APIs, GPU server farms, and sensitive enterprise data operating continuously at enormous scale. At the same time, AI-driven environments are introducing increasingly dynamic machine-to-machine interactions across infrastructure, applications, and […]

The post Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA appeared first on Check Point Blog.

  •  

The Autonomous Security Platform Built for Attacker Speed

Attackers are now agentic. AI agents run reconnaissance, test exploits, and weaponize vulnerabilities at machine speed – collapsing the mean time from CVE disclosure to confirmed exploitation from 2.3 years in 2018 to roughly 10 hours in 2026, with 72.7% of exploited CVEs in 2026 hitting as zero days, up from 16.1% in 2018.   Every year, the major breach reports tell the same story. Misconfigurations. Unpatched systems. Identity sprawl. Flat networks. The root causes barely change, and yet organizations continue to get breached, not because they lack visibility into these problems, but because closing them at scale is genuinely hard. Too many […]

The post The Autonomous Security Platform Built for Attacker Speed appeared first on Check Point Blog.

  •  

Check Point Frontier AI Models Readiness Program – Security Update

At Check Point we don’t wait for threats to evolve; we evolve ahead of them. This is why we’ve been running our Frontier AI Models Readiness Program: a proactive, structured initiative designed to ensure that our products remain resilient as AI models grow increasingly capable of understanding complex software systems and assisting adversaries in attacking them. As part of this program, we conducted large-scale AI-driven code scanning across our products, performed extensive security reviews, hardened components where needed, refined our time-to-patch procedures, and accelerated our protection development processes to meet the pace of emerging AI-driven threats. Today’s Jumbo Security Release […]

The post Check Point Frontier AI Models Readiness Program – Security Update appeared first on Check Point Blog.

  •  

2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation

As AI rapidly reshapes industries, the role of the cloud has become even more critical. From automated customer experiences to intelligent cyber security and predictive analytics, AI transformations are increasingly being built on a cloud-first foundation. Over the past two years, AI has swiftly moved from an experimental state to an operational reality, with every leading organization embedding AI into the core of how they build, operate, and compete. However, security architectures have not kept pace with the AI transformation. Closing that gap requires more than incremental fixes. It demands a rethinking of how security is designed, deployed, and enforced […]

The post 2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation appeared first on Check Point Blog.

  •  
❌