Check Point Software

Modern cyber attacks move faster than ever before. While your security team is analyzing one threat, attackers are already spreading across your network, exploiting the gaps between siloed security tools and manual response processes. To stop threats, your security measures must outpace threat actors. The Reality of Fragmented Security Most organizations operate with a patchwork of security solutions: network protection here, endpoint security there, email filtering somewhere else. Each tool excels in its domain, but when a threat is detected at one point, protection doesn’t automatically extend to others. This fragmentation creates windows of opportunity that skilled attackers exploit. Manual The post Turn a Single Detection into Enterprise-Wide Prevention with Infinity Playblocks appeared first on Check Point Blog.

For too long, the narrative around AI in cyber security has focused on its defensive capabilities. While AI is revolutionizing how organizations protect themselves – bringing unprecedented speed, accuracy, and automation – it’s crucial to acknowledge the other side of the coin. Cyber criminals are quickly embracing AI, using large language models (LLMs) and advanced agentic AI to craft more potent and elusive attacks. Consider the rise of malicious LLMs like WormGPT and the more recent Xanthorox AI. These aren’t just theoretical threats; they’re platforms designed for nefarious purposes. WormGPT, based on the GPT-J model, was marketed as a “blackhat” The post The AI Arms Race: When Attackers Leverage Cutting-Edge Tech appeared first on Check Point Blog.

The endpoint security landscape is evolving faster than many security teams can keep up. While organizations are being overwhelmed with alert fatigue from multiple disconnected tools, a new Frost & Sullivan report underscores that the future of cyber security belongs to consolidated workforce security platforms that reduce complexity. Frost & Sullivan’s 2025 Endpoint Security Radar Report positions Check Point Harmony Endpoint as a strong performer in the competitive marketplace. But more than just recognizing the efficacy of our technology, the report validates our entire philosophy around consolidated workforce security. The market is echoing this view with endpoint security spending expected The post Frost & Sullivan Report Validates Value of Consolidated Security appeared first on Check Point Blog.

Check Point Research identifies the first documented case of malware embedding prompt injection to evade AI detection. Check Point Research discovered the first known case of malware designed to trick AI-based security tools The malware embedded natural-language text into the code that was designed to influence AI models into misclassifying it as benign While the evasion attempt did not succeed, it signals the emergence of a new category of threats: AI Evasion The discovery highlights how attackers are adapting to the growing use of generative AI in malware analysis and detection workflows Malware authors have long evolved their tactics to The post AI Evasion: The Next Frontier of Malware Techniques appeared first on Check Point Blog.

Amid growing warnings from agencies like the FBI and DHS about Iranian cyber activity, Check Point Research is sharing fresh, real-world examples from the past few days to shed light on how these threats are playing out in practice. We’ve identified the reemergence of an active, global spear-phishing campaign attributed to the Iranian threat actor Educated Manticore, also tracked as APT42, Charming Kitten, and Mint Sandstorm. Associated with the IRGC Intelligence Organization, this group is known to target public figures around the world. Currently, the campaign is executing sophisticated credential theft operations against high-profile individuals in Israel, while the real The post Educated Manticore Reemerges: Iranian Spear-Phishing Campaign Targeting High-Profile Figures appeared first on Check Point Blog.

In recent years, PDFs emerged as a primary vector for attack chains, with threat actors exploiting their ubiquity and complexity to deliver malware through sophisticated social engineering tactics. Recognizing this escalating threat, Check Point introduces PDFguard, an advanced AI engine designed to prevent malicious PDFs that employ deceptive tactics. Impressively, PDFguard has identified 25% more malicious files than its predecessor, most of which have never been seen before! The Growing Threat of Malicious PDFs Organizations generally use email and PDFs in standard business communications and are widely regarded as safe and reliable. This false sense of safety has resulted in The post PDFguard: AI Engine Against Growing Threats in PDFs appeared first on Check Point Blog.

The threat at a glance Darktrace researchers have identified PumaBot, a Go-based Linux botnet that focuses on embedded surveillance cameras and other IoT devices.Unlike spray-and-pray botnets that scan the whole internet, PumaBot pulls a curated IP list from its C2 and then brute-forces SSH logins on port 22 until it gets a shell. Once in, it drops its payload under /lib, registers a rogue systemd service, injects a back-door key into ~/.ssh/authorized_keys, and can fetch further modules via the same C2 channel. Why device-level controls matter Because PumaBot’s entire kill-chain exploited vulnerabilities and misconfiguration on the device itself, network-edge firewalls The post Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices appeared first on Check Point Blog.

In the rapidly evolving world of industrial IoT (IIoT), the integration of AI-driven decision-making into operational technology (OT) systems has created the impression of tighter control, smarter response times and predictive efficiency. This feeling of having control might actually be a risky illusion. Autonomous systems are now responsible for critical infrastructure: smart grids, manufacturing lines and water treatment facilities, all relying on interconnected sensors and AI for autonomous decision-making. But as the layers of automation deepen, so too does the complexity, making it increasingly difficult to understand or audit decisions made by machines. As more layers of automation are added, The post The illusion of control: Can we ever fully secure autonomous industrial systems? appeared first on Check Point Blog.

Nearly 20% of all data breaches in recent years involved a third-party vendor, and they weren’t minor. According to IBM’s Cost of a Data Breach Report, breaches tied to third-party access took an average of 26 days longer to identify and cost more than those that didn’t – $4.46 million per incident compared to the global average of $4.35 million.¹ In manufacturing, where operations rely on a web of suppliers, contractors, and remote service providers, this risk becomes even more pressing. When just one external connection is compromised, the impact can cascade – halting production, leaking sensitive data, or exposing The post Third-Party Access: The Cyber Risk Manufacturers Can’t Afford to Ignore appeared first on Check Point Blog.

AI-powered coding assistants like GitHub’s Copilot, Cursor AI and ChatGPT have swiftly transitioned from intriguing gadgets to indispensable sidekicks for modern developers. A recent survey by Stack Overflow revealed that over 76% of developers now rely on these assistants, with more than 80% reporting significant productivity improvements by using AI code generators & augmented code editors. These “virtual teammates” simplify complex tasks, streamline development workflows, and significantly accelerate project timelines. But with every innovation comes new risks. AI coding assistants occasionally generate what’s known as “hallucinations”, confident recommendations for software packages that simply don’t exist.  A recent study by researchers The post The Hidden AI Threat to Your Software Supply Chain appeared first on Check Point Blog.