Tag: Check Point Blog

Key Findings: Newly released framework called Hexstrike-AI provides threat actors with an orchestration “brain” that can direct more than 150 specialized AI agents to autonomously scan, exploit, and persist inside targets. Within hours of its release, dark web chatter shows…

Read more →

A SaaS Security nightmare for IT managers everywhere recently came true. Attackers leveraged legitimate OAuth tokens from Salesloft’s Drift chatbot integration with Salesforce to silently exfiltrate customer data from the popular CRM platform, according to Google Threat Intelligence Group. The…

Read more →

Julia, can you tell us a bit about yourself? I’m a system architect in the Quantum Network Security Products department. My main responsibilities focus on building system solutions and related architectural work, but I’m also very passionate about promoting a…

Read more →

As millions of students return to classrooms and campuses, schools are facing another challenge: a sharp rise in cyber attacks. According to Check Point Research, from January through July 2025, the education sector continued its streak as the most targeted…

Read more →

Delivering AI-powered network security across on-premises, cloud and SASE to prevent the most advanced threats Check Point is named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall.  Gartner recognized Check Point for ability to execute and completeness…

Read more →

ZipLine is one of the most advanced social engineering phishing campaigns seen by Check Point Research. Attackers reverse the usual phishing flow by starting contact through a company’s public “Contact Us” form, tricking victims into initiating email correspondence. They exchange…

Read more →

Check Point researchers have uncovered a large-scale active phishing campaign abusing Google Classroom, a platform trusted by millions of students and educators worldwide. Over the course of just one week, attackers launched five coordinated waves, distributing more than 115,000 phishing…

Read more →

We are excited to announce that CloudGuard WAF-as-a-Service (WAFaaS) is now available on Amazon Web Services (AWS) Marketplace and verified as a “Deployed on AWS” solution. This release simplifies application and API protection for AWS customers. CloudGuard WAF was recognized…

Read more →

Enterprise security and networking teams need details fast, and we work hard to make sure your SASE admin experience is as streamlined as possible. But sometimes it’s better to integrate data into the tools you already use. Introducing the Harmony…

Read more →

In an increasingly AI-powered enterprise landscape, the recent discovery of a zero-click vulnerability in Microsoft 365 Copilot, dubbed EchoLink, should come as a stark warning for cyber security leaders. This isn’t just another flaw – it’s a new class of…

Read more →

Introduction Last week, researchers at Carnegie Mellon University (CMU) revealed a finding that caught the attention of both the AI and cybersecurity worlds. Their work tackled a lingering challenge: whether today’s leading large language models (LLMs) can independently carry out…

Read more →

When Instagram quietly rolled out its new “Friend Map” feature, it was billed as a fun way to see where friends are and discover shared hangouts. But the launch also sparked immediate concern, and for good reason. Location sharing isn’t…

Read more →

In the dynamic world of cyber security, staying ahead of malicious actors is paramount. We are thrilled to introduce the GitHub Abuse Engine, a cutting-edge engine of ThreatCloud AI designed to detect and mitigate malicious abuse on GitHub. This engine leverages…

Read more →

Check Point Research uncovered six fresh vulnerabilities in Microsoft Windows, including one critical flaw with potential for wide-reaching impact. These weaknesses could trigger system crashes, enable arbitrary code execution, or expose sensitive data across networks. Following a responsible disclosure process,…

Read more →

From critical infrastructure to classrooms, no sector is spared the risk of cyber threats. In July 2025, cyber attacks surged across nearly every industry and region, marking a sharp escalation in both scale and sophistication. This blog unpacks the latest…

Read more →

One of the most pressing cyber threats businesses face today is the rampant rise in compromised credentials. Data from Check Point External Risk Management (previously known as Cyberint), reveals a staggering 160% increase in compromised credentials so far in 2025…

Read more →

Major banks are adopting public blockchains at an accelerating pace. Financial institutions are moving beyond pilot programs on private networks to live deployments on permissionless blockchains. Today, major financial institutions are issuing stablecoins and tokenizing real world assets (stocks, bonds,…

Read more →

In today’s digital landscape, public sector organizations—particularly those in the State, Local, and Education (SLED) sectors—are contending with an unprecedented surge in cyber threats. Over the past several years, attacks against SLED institutions have been increasing not just steadily but…

Read more →

The modern workforce operates beyond traditional boundaries. Contractors use their own laptops, and hybrid employees embrace BYOD, to access critical systems with devices IT never touches. This flexibility powers business agility, but it also creates a massive security blind spot.…

Read more →

CVE-2025-54136 –  MCPoison Key Insights Critical RCE Flaw in Popular AI-powered IDE Check Point Research uncovered a persistent remote code execution vulnerability in Cursor, a fast-growing AI-powered coding platform trusted by developers worldwide. MCP Vulnerability Cursor allows attackers to gain…

Read more →