New Group, Fast Growth: Yurei ransomware first appeared on September 5, already listing three victims in Sri Lanka, India, and Nigeria within its first week. Copy-Paste Malware: The ransomware is largely based on the open-source Prince-Ransomware project, showing how attackers…
Category: Check Point Blog
Global Cyber Threats August 2025: Agriculture in the Crosshairs
In August 2025, the global cyber threat landscape presented a complex interplay of stability and alarming new challenges. Organizations around the world confronted an average of nearly 2,000 cyber attacks each week—a slight 1% decrease from July but a stark…
The Great NPM Heist – September 2025
On September 8, 2025, the JavaScript ecosystem experienced what is now considered the largest supply chain attack in npm history. A sophisticated phishing campaign led to the compromise of a trusted maintainer’s account, resulting in the injection of cryptocurrency-stealing malware into 18+ foundational npm packages.…
The Networking and Security Shifts Fueling the Rise of SASE
Today’s workplace is no longer defined by office walls. Consequently, IT and security teams must rethink their approach to access and security. Enter Secure Access Service Edge (SASE), an architecture that merges network and security services into a unified, cloud-delivered…
Passing the Security “Vibe” Check
Imagine walking into a kitchen where you can shout out recipes and a robot instantly cooks up a meal. You ask for pasta, and within minutes you have a steaming plate in front of you. The speed and convenience are…
Resilient by Design: Network Security for the Next Disruption
Whether it’s a pandemic, war, or natural disaster, one thing is certain: disruption is inevitable. For information security professionals, the important question is whether your network is ready to keep operations running securely. There are two essential tactics you can…
Hexstrike-AI: When LLMs Meet Zero-Day Exploitation
Key Findings: Newly released framework called Hexstrike-AI provides threat actors with an orchestration “brain” that can direct more than 150 specialized AI agents to autonomously scan, exploit, and persist inside targets. Within hours of its release, dark web chatter shows…
The Drift–Salesforce Attack: Time to Rethink Your SaaS Security
A SaaS Security nightmare for IT managers everywhere recently came true. Attackers leveraged legitimate OAuth tokens from Salesloft’s Drift chatbot integration with Salesforce to silently exfiltrate customer data from the popular CRM platform, according to Google Threat Intelligence Group. The…
Employee Spotlight: Getting to Know Julia Rabinovich
Julia, can you tell us a bit about yourself? I’m a system architect in the Quantum Network Security Products department. My main responsibilities focus on building system solutions and related architectural work, but I’m also very passionate about promoting a…
Cyber Attacks Surge Against Education Sector Ahead of Back-to-School Season
As millions of students return to classrooms and campuses, schools are facing another challenge: a sharp rise in cyber attacks. According to Check Point Research, from January through July 2025, the education sector continued its streak as the most targeted…
Check Point Named a Leader in the 2025 Gartner Magic Quadrant for Hybrid Mesh Firewalls
Delivering AI-powered network security across on-premises, cloud and SASE to prevent the most advanced threats. Check Point is named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall. Gartner recognized Check Point for ability to execute and completeness…
ZipLine Campaign: Advanced Social Engineering Phishing Targets U.S. Manufacturing
ZipLine is one of the most advanced social engineering phishing campaigns seen by Check Point Research. Attackers reverse the usual phishing flow by starting contact through a company’s public “Contact Us” form, tricking victims into initiating email correspondence. They exchange…
Phishing in the Classroom: 115,000 Emails Exploit Google Classroom to Target 13,500 Organizations
Check Point researchers have uncovered a large-scale active phishing campaign abusing Google Classroom, a platform trusted by millions of students and educators worldwide. Over the course of just one week, attackers launched five coordinated waves, distributing more than 115,000 phishing…
CloudGuard WAF-as-a-Service now Live on AWS Marketplace
We are excited to announce that CloudGuard WAF-as-a-Service (WAFaaS) is now available on Amazon Web Services (AWS) Marketplace and verified as a “Deployed on AWS” solution. This release simplifies application and API protection for AWS customers. CloudGuard WAF was recognized…
AI-Driven Visibility with the Harmony SASE MCP
Enterprise security and networking teams need details fast, and we work hard to make sure your SASE admin experience is as streamlined as possible. But sometimes it’s better to integrate data into the tools you already use. Introducing the Harmony…
EchoLink and the Rise of Zero-Click AI Exploits
In an increasingly AI-powered enterprise landscape, the recent discovery of a zero-click vulnerability in Microsoft 365 Copilot, dubbed EchoLink, should come as a stark warning for cyber security leaders. This isn’t just another flaw – it’s a new class of…
The Brain Behind Next-Generation Cyber Attacks
Introduction: Last week, researchers at Carnegie Mellon University (CMU) revealed a finding that caught the attention of both the AI and cybersecurity worlds. Their work tackled a lingering challenge: whether today’s leading large language models (LLMs) can independently carry out…
Instagram Can Be Fun – Don’t Let It Become a Weapon: Behind Meta’s New Map Feature
When Instagram quietly rolled out its new “Friend Map” feature, it was billed as a fun way to see where friends are and discover shared hangouts. But the launch also sparked immediate concern, and for good reason. Location sharing isn’t…
GitHub Abuse Engine: Stay One Step Ahead
In the dynamic world of cyber security, staying ahead of malicious actors is paramount. We are thrilled to introduce the GitHub Abuse Engine, a cutting-edge engine of ThreatCloud AI designed to detect and mitigate malicious abuse on GitHub. This engine leverages…
Microsoft Vulnerabilities Exposed by Check Point Research
Check Point Research uncovered six fresh vulnerabilities in Microsoft Windows, including one critical flaw with potential for wide-reaching impact. These weaknesses could trigger system crashes, enable arbitrary code execution, or expose sensitive data across networks. Following a responsible disclosure process,…