Check Point Software

In an increasingly AI-powered enterprise landscape, the recent discovery of a zero-click vulnerability in Microsoft 365 Copilot, dubbed EchoLink, should come as a stark warning for cyber security leaders. This isn’t just another flaw – it’s a new class of threat. One that doesn’t require a single click, a download, or any user interaction to trigger. EchoLink is invisible, fast-moving, and capable of silently leaking sensitive enterprise data. For organizations heavily invested in Microsoft’s productivity suite, EchoLink is a serious red flag. Many rely on Microsoft’s native security tools or try to patch gaps with multiple point solutions. But this The post EchoLink and the Rise of Zero-Click AI Exploits appeared first on Check Point Blog.

Introduction Last week, researchers at Carnegie Mellon University (CMU) revealed a finding that caught the attention of both the AI and cybersecurity worlds. Their work tackled a lingering challenge: whether today’s leading large language models (LLMs) can independently carry out complex, multi-host cyber-attacks from start to finish. In their raw form, when asked to execute multi-step cyber-attacks from start to finish, these models routinely fail. They wander off-task, choose the wrong tools, or supply flawed parameters that derail the operation. Their breakthrough came with the introduction of Incalmo, a structured abstraction layer that narrows planning to a precise set of The post The Brain Behind Next-Generation Cyber Attacks appeared first on Check Point Blog.

When Instagram quietly rolled out its new “Friend Map” feature, it was billed as a fun way to see where friends are and discover shared hangouts. But the launch also sparked immediate concern, and for good reason. Location sharing isn’t just about convenience; it’s about trust, safety, and control over your personal data. While Meta insists the feature is opt-in, the reality is that enabling it can open the door to far more than just casual meetups. It blurs the line between digital privacy risks and physical security threats, exposing users to targeted attacks, stalking, and unwanted profiling. The way The post Instagram Can Be Fun – Don’t Let It Become a Weapon: Behind Meta’s New Map Feature appeared first on Check Point Blog.

In the dynamic world of cyber security, staying ahead of malicious actors is paramount. We are thrilled to introduce the GitHub Abuse Engine, a cutting-edge engine of ThreatCloud AI designed to detect and mitigate malicious abuse on GitHub. This engine leverages advanced algorithms and AI to identify accounts and repositories that are hosted on GitHub and used for credential theft attacks and drive-by downloads. Integrated with our ThreatCloud AI, it offers comprehensive protection across Quantum gateways, Harmony Email, Endpoint, and Harmony Mobile. GitHub Abuse GitHub, with its extensive collection of open-source projects, has become an attractive target for cyber criminals. Malicious The post GitHub Abuse Engine: Stay One Step Ahead appeared first on Check Point Blog.

Check Point Research uncovered six fresh vulnerabilities in Microsoft Windows, including one critical flaw with potential for wide-reaching impact. These weaknesses could trigger system crashes, enable arbitrary code execution, or expose sensitive data across networks. Following a responsible disclosure process, Check Point privately reported these issues to Microsoft, with the final patch delivered on August 12 Patch Tuesday. Check Point customers are already protected—our security solutions actively detect and block attempts to exploit these vulnerabilities. On Tuesday, August 12th, Microsoft released the final patches for six newly discovered Windows vulnerabilities identified by Check Point Research, including one rated as critical. The post Microsoft Vulnerabilities Exposed by Check Point Research appeared first on Check Point Blog.

From critical infrastructure to classrooms, no sector is being spared. In July 2025, cyber attacks surged across nearly every industry and region, marking a sharp escalation in both scale and sophistication. This blog unpacks the latest global trends in cyber attacks, including: The overall volume of attacks worldwide. Industry-specific targeting. Regional threat hotspots. The latest ransomware data, including which countries are hardest hit. The insights come from our ThreatCloud AI platform, which analyzes millions of indicators of compromise (IoCs) daily. Powered by over 50 AI-driven engines and fed by intelligence from more than 150,000 networks and millions of endpoints, ThreatCloud The post New Data Reveals July’s Worst Ransomware Groups and Attack Surges appeared first on Check Point Blog.

Major banks are adopting public blockchains at an accelerating pace. Financial institutions are moving beyond pilot programs on private networks to live deployments on permissionless blockchains. Today, major financial institutions are issuing stablecoins and tokenizing real world assets (stocks, bonds, ect.) directly on public blockchains . Stablecoin transaction volumes now exceed the combined throughput of Visa and Mastercard, marking blockchain’s emergence as the new backbone of digital payments infrastructure. Bringing enterprise security to Cardano mainnet This massive growth comes with its set of security challenges. Institutions can’t interact safely with public blockchains, which have become increasingly adversarial environments. There’s a The post Check Point Deploys Real-Time Threat Detection on Cardano Mainnet appeared first on Check Point Blog.

One of the most pressing cyber threats businesses face today is the rampant rise in compromised credentials. Data from Check Point External Risk Management (previously known as Cyberint), reveals a staggering 160% increase in compromised credentials so far in 2025 compared to 2024. This isn’t just a statistic; it’s a direct threat to your organization’s security. Late last year, we reported 14,000 cases in just 1 month where our customers’ employee credentials, even those adhering to company password policies, were exposed in data breaches – a clear indicator of real and present risk. Where in the World are Credentials Most The post The Alarming Surge in Compromised Credentials in 2025 appeared first on Check Point Blog.

In today’s digital landscape, public sector organizations—particularly those in the State, Local, and Education (SLED) sectors—are contending with an unprecedented surge in cyber threats. Over the past several years, attacks against SLED institutions have been increasing not just steadily but exponentially. What was once an occasional disruption has evolved into a constant barrage of ransomware extortion, data breaches, and sophisticated fraud schemes targeting everything from K–12 school districts to state health departments and municipal governments. This escalation isn’t happening in a vacuum. Since 2022, the world has witnessed profound geopolitical shifts—wars, regional conflicts, and a reconfiguration of international alliances—that have The post Winning the Game You Didn’t Choose: The Case for External Cyber Defense in Government and Education appeared first on Check Point Blog.

The modern workforce operates beyond traditional boundaries. Contractors use their own laptops, and hybrid employees embrace BYOD, to access critical systems with devices IT never touches. This flexibility powers business agility, but it also creates a massive security blind spot. How do you secure what you don’t control? Enter the Check Point Enterprise Browser. It’s a Chromium-based browser that extends Zero Trust security to any unmanaged device, securing access without sacrificing user experience. The Unmanaged Device Dilemma For security teams, unmanaged devices present a difficult equation. Consider these common scenarios: A third-party developer needs temporary access to an internal database The post Securing the Unmanaged: Check Point Enterprise Browser Delivers Zero Trust to Any Device appeared first on Check Point Blog.