Check Point Software

When Google unveiled Gemini 3 on 18 November 2025, most headlines focused on its leaps in reasoning, multimodality, and performance. But executives should look past the model-to-model comparisons. Gemini 3’s real significance is structural. Part of a Broader Trend — Accelerated by Gemini 3 AI assistants have already begun moving inside enterprise workflows. Microsoft Copilot, for example, has embedded OpenAI models deeply into the Microsoft ecosystem for some time, enabling users to query documents from office.com, summarize inboxes, act on Teams content, and automate tasks across Office 365. Gemini 3 continues — and accelerates — this trend in Google’s environment.It The post AI Has Become the New Enterprise Perimeter — and Gemini 3 Pro Just Proved It appeared first on Check Point Blog.

Tell us your story — who you are, what drives you, and how your journey brought you to where you are today. I’m Angel Salazar, born in Guatemala, and my interest in technology began back in school when I studied electronics. I still remember the thrill of building my first circuit — and realizing that technology could be used both for good and for harm. That hands-on curiosity eventually grew into a deep passion for cyber security, where I’ve now spent more than 25 years. Along the way, I’ve taken on many roles — from engineer and security auditor to The post Employee Spotlight: Getting to Know Angel Salazar appeared first on Check Point Blog.

How attackers infiltrated the npm ecosystem, what Check Point researchers uncovered, and how organizations can protect their development pipelines. The Shai-Hulud 2.0 campaign, referred to by its operators as The Second Coming, is one of the most extensive and fast moving npm supply chain attacks observed in recent years. Between 21 and 23 November 2025, the attackers compromised hundreds of npm packages and more than 25,000 GitHub repositories in only a few hours. Unlike traditional malware that activates after installation, this campaign abuses the npm preinstall lifecycle script, allowing the malicious payload to run before installation completes and even when The post Shai-Hulud 2.0: Inside The Second Coming, the Most Aggressive NPM Supply Chain Attack of 2025 appeared first on Check Point Blog.

The year 2026 will not be defined by incremental upgrades. It will be shaped by an unprecedented collision of forces: next-generation computing, hyper-automation, and a global cyber security reckoning. Technological convergence and the rise of autonomous systems will redefine global resilience. Artificial intelligence is no longer a single discipline. It has become the connective tissue linking cloud, networks, and physical systems. Quantum research is challenging the fundamental mathematics of digital trust, while Web 4.0 is transforming the internet into an immersive, always-on layer of reality. This report highlights the key forces identified by Check Point’s researchers, strategists, and regional leaders The post The 2026 Tech Tsunami: AI, Quantum, and Web 4.0 Collide appeared first on Check Point Blog.

Security teams must protect apps and APIs without drowning in rule maintenance or false-positive triage. Many traditional WAFs pile on hidden expenses like manual tuning, lot of false-positives, and breach fallout that increase costs and drain resources. Check Point CloudGuard WAF is different. It not only delivers industry-leading prevention but also minimizes operational, business, and risk-related costs, making it the most cost-effective WAF on the market. With proven accuracy in the WAF Comparison Project 2024-25 (1,040,242 legitimate requests, 692 sites; 13 vendors), CloudGuard WAF achieved ~99.4% detection and ~0.8% false positives in project testing. These numbers aren’t just statistics. They The post How CloudGuard WAF Lowers Risk and Total Cost of Ownership (TCO) appeared first on Check Point Blog.

Check Point researchers uncover a large-scale Android adware campaign that silently drains resources and disrupts normal phone use through persistent background activity. During an internal threat-hunting investigation, Check Point Harmony Mobile Detection Team identified a network of Android applications on Google Play masquerading as harmless utility and emoji-editing tools. Behind their cheerful icons, these apps created a persistent background advertising engine – one that kept running even after users closed or rebooted their devices, quietly consuming battery and mobile data. At its peak, the campaign, now dubbed “GhostAd”, included at least 15 related apps, five of which were still available The post GhostAd: Hidden Google Play Adware Drains Devices and Disrupts Millions of Users appeared first on Check Point Blog.

The global appetite for GLP-1 medications like Ozempic, Wegovy and Mounjaro have created something far more dangerous than a cultural trend. It has created the perfect opening for cyber criminals who understand how desperation, scarcity and online misinformation intersect. As clinics struggle with shortages and manufacturers warn of supply limits extending well into 2025 and 2026, the demand for “easier,” faster or cheaper alternatives has exploded. Into this void, criminal groups have moved with extraordinary speed. A few weeks ago, Check Point Research published an investigation into the rise of AI-powered pharmaceutical scams in the United States. We revealed how The post Inside Europe’s AI-Fuelled GLP-1 Scam Epidemic: How Criminal Networks Are Hijacking the Identities of the NHS, AEMPS, ANSM, BfArM and AIFA to Sell Fake Weight-Loss Products appeared first on Check Point Blog.

Why foundational failures still cost companies, even when they’re insured Cyber insurance is no longer a luxury. It’s a boardroom staple, a checkbox on every enterprise risk register. But most organizations are betting on a safety net that may not hold. Not because the threats are too advanced, but because the basics are too often ignored. The False Comfort of Coverage Cyber insurance policies are designed to reduce financial exposure in the event of a breach. But they’re not a blank check. Many organizations face partial payouts, delays, or outright denials. Why? Because insurers often tie coverage to the presence The post Cyber Insurance Won’t Save You from Bad Hygiene appeared first on Check Point Blog.

Key findings Malicious activity is rising, with 1 in 11 newly registered Black Friday themed domains classified as harmful. Brand impersonation remains a primary tactic, with 1 in 25 new domains related to the reputable ecommerce marketplaces of Amazon, AliExpress, and Alibaba flagged as malicious. Attackers are deploying convincing fake storefronts that copy logos, layouts, and product imagery to capture credentials and payment data. Recent campaigns impersonating HOKA athletic footwear brand and AliExpress ecommerce site demonstrate active phishing operations tied to Black Friday promotions. Fraudulent Black Friday Domains Continue to Climb Seasonal shopping periods regularly trigger domain registration spikes, and The post The Black Friday Cyber Crime Economy: Surge in Fraudulent Domains and eCommerce Scams appeared first on Check Point Blog.

Managing network security is a critically important and challenging task, especially in cloud environments. Scaling firewalls across tens of subnets and VPCs can become challenging with creating, maintaining, and updating many custom rule sets.  Depending on the how many firewalls are deployed, traditional manual rule deployment can take 20 hours per week or more, requiring constant monitoring to protect against emerging threats and new attack vectors, placing a significant burden on scarce IT resources. To meet this challenge, Check Point and AWS have teamed to deliver Check Point Managed Rules for AWS Network Firewall to simplify scaling the deployment of The post Check Point Launches Managed Rules for AWS Network Firewall appeared first on Check Point Blog.