In recent years, PDFs have emerged as a primary vector for attack chains, with threat actors exploiting their ubiquity and complexity to deliver malware through sophisticated social engineering tactics. Recognizing this escalating threat, Check Point introduces PDFguard, an advanced AI engine…
Category: Check Point Blog
The illusion of control: Can we ever fully secure autonomous industrial systems?
In the rapidly evolving world of industrial IoT (IIoT), the integration of AI-driven decision-making into operational technology (OT) systems has created the impression of tighter control, smarter response times and predictive efficiency. This feeling of having control might actually be…
Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices
The threat at a glance: Darktrace researchers have identified PumaBot, a Go-based Linux botnet that focuses on embedded surveillance cameras and other IoT devices. Unlike spray-and-pray botnets that scan the whole internet, PumaBot pulls a curated IP list from its C2…
Third-Party Access: The Cyber Risk Manufacturers Can’t Afford to Ignore
Nearly 20% of all data breaches in recent years involved a third-party vendor, and they weren’t minor. According to IBM’s Cost of a Data Breach Report, breaches tied to third-party access took an average of 26 days longer to identify…
The Hidden AI Threat to Your Software Supply Chain
AI-powered coding assistants like GitHub’s Copilot, Cursor AI and ChatGPT have swiftly transitioned from intriguing gadgets to indispensable sidekicks for modern developers. A recent survey by Stack Overflow revealed that over 76% of developers now rely on these assistants, with…
Minecraft Players Targeted in Sophisticated Malware Campaign
Malicious Minecraft Mods Discovered: Check Point Research (CPR) uncovered a multistage malware campaign in which the malware itself was embedded within fake Minecraft mods, shared on GitHub to specifically target active players. Three-Stage Infection Chain: The attack involves a Java…
Without automation, external attack surface management misses the point
In cyber security, external attack surface management (ASM) is like tending a garden, helping you keep track of plants (your assets) as they grow. It enables you to monitor your assets and quickly identify risks to them—like pests attacking the…
DMV-Themed Phishing Campaign Targeting U.S. Citizens
In May 2025, a sophisticated phishing campaign emerged, impersonating several U.S. state Departments of Motor Vehicles (DMVs). This campaign leveraged widespread SMS phishing (smishing) and deceptive web infrastructure to harvest personal and financial data from unsuspecting citizens. Victims received alarming…
Introducing the Ticket Enrichment AI Agent
Staying ahead of threats in the ever-evolving landscape of cyber security requires not only robust protection but also efficient and effective operational processes. At Check Point, we are committed to enhancing your security infrastructure with cutting-edge AI solutions. Today, we…
Malicious Loan App Removed from iOS and Google Play App Store Posed Severe Risks to Users
In February 2025, our detection engines identified a SpyLoan application on a victim’s device. The detected sample belonged to the “RapiPlata” application, which was available on Google Play (GP) and downloaded by over 100K victims. We estimate that around 150K…
Discover Check Point’s AI-powered, cloud-delivered security solutions at AWS re:Inforce 2025
Check Point continues to grow our offerings and capabilities for the Amazon Web Services (AWS) cloud. Over the last year, we’ve expanded our capabilities with AWS Gateway Load Balancers and AWS Cloud WAN, and we’ve launched CloudGuard WAF-as-a-Service on AWS…
Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks
Attackers took advantage of a Discord feature that lets expired or deleted invite links be reused, allowing them to hijack trusted community links and redirect users to harmful servers. The attack tricks users with a fake verification bot and phishing…
Check Point Research Warns of Holiday-Themed Phishing Surge as Summer Travel Season Begins
Over 39,000 new vacation-related domains registered in May 2025, with 1 in 21 flagged as malicious or suspicious—cyber criminals target travel enthusiasts and property owners through phishing scams mimicking popular platforms like Airbnb and Booking.com. As summer travel season kicks…
Check Point and Pax8 Partnership Provides Powerful New Security Offerings for MSPs
Managed service providers (MSPs) are facing a pivotal moment. As businesses of all sizes continue to adopt cloud platforms, hybrid work models, and mobile-first strategies, MSPs are being tasked with delivering stronger, faster, and more comprehensive cyber security services, many…
Inside Stealth Falcon’s Espionage Campaign Using a Microsoft Zero-Day
Check Point Research (CPR) identified a previously unknown Windows vulnerability (CVE-2025-33053) being actively exploited in the wild. Following CPR’s responsible disclosure, Microsoft released a patch on its June 10th Patch Tuesday…
Cyber Risks Take Flight, Navigating the Evolving Threat Landscape in the Travel Industry
The global travel industry is flying high once again, but alongside its recovery comes a surge in digital turbulence. As travel demand surges and operations digitize at an unprecedented rate, cyber criminals are seizing new opportunities to exploit vulnerabilities in…
May 2025 Malware Spotlight: SafePay Surges to the Forefront of Cyber Threats
Cyber criminals are becoming more brazen, and this month, research highlights the rise of SafePay, a relatively new but increasingly active ransomware group that has quickly established itself as a key player in the cyber crime ecosystem. Meanwhile, FakeUpdates remains…
No Excuses: Why Multi-Factor Authentication is Non-Negotiable
Breaches are not a matter of if but when, which is why relying solely on passwords is a dangerous oversight. As the Product Security Manager for Harmony SASE, I’ve seen the destruction firsthand, and I’m here to tell you that…
6 Key Insights from Check Point’s Cloud Security Report 2025
Cloud environments are evolving faster than many security teams can adapt. As hybrid, multi-cloud, edge, and SaaS adoption accelerates, organizations face fragmented systems, inconsistent controls, and widening attack surfaces. Threat detection is often delayed, tools are overwhelmed, and many defenses…
Understanding Gartner Market Guide for Cloud Web Application and API Protection: How CloudGuard WAF Sets a New Standard in Web & API Protection
How the market is evolving and why now, more than ever, you need an AI-powered WAF. What defines a next-generation web application and API protection (WAAP) platform? How can security teams keep pace with today’s fast-moving, API-driven threat landscape…