Check Point Software

In December 2025, organizations experienced an average of 2,027 cyber attacks per organization per week. This represents a 1% month-over-month increase and a 9% year-over-year increase. While overall growth remained moderate, Latin America recorded the sharpest regional increase, with organizations experiencing an average of 3,065 attacks per week, a 26% increase year over year. The data points to sharper regional and sector-level spikes in activity, driven primarily by ransomware operations and expanding exposure linked to enterprise adoption of generative AI (GenAI). Latin America experienced the sharpest rise in cyber attacks globally, with organizations in the region facing an average of The post Latin America Sees Sharpest Rise in Cyber Attacks in December 2025 as Ransomware Activity Accelerates appeared first on Check Point Blog.

Key Points: VoidLink is a cloud-native Linux malware framework built to maintain long-term, stealthy access to cloud infrastructure rather than targeting individual endpoints. It reflects a shift in attacker focus away from Windows systems toward the Linux environments that power cloud services and critical operations. Its modular, plug-in-driven design allows threat actors to customize capabilities over time, expanding attacks quietly as objectives evolve. Adaptive stealth enables it to operate differently depending on defenses, prioritizing evasion in monitored environments and speed where visibility is limited. Check Point Research has identified a new and highly advanced malware framework, VoidLink, designed specifically to The post VoidLink: The Cloud-Native Malware Framework Weaponizing Linux Infrastructure appeared first on Check Point Blog.

Today’s security teams work in complex, multi-tool environments. Alerts flow from SIEMs, tickets are created in ITSM platforms, actions occur in cloud and network controls, and workflows span countless third-party services. To keep pace, automation must be open, flexible, and seamlessly connected across every system that matters. We’re excited to introduce two powerful new capabilities in Infinity Playblocks that take us one step closer to a truly open automation ecosystem: API Request Step and Webhook Trigger. Together, they unlock a new open garden approach to security automation – where Infinity Playblocks seamlessly integrates with any system, inbound or outbound, without The post Opening the Automation Garden: API Request & Webhook Trigger in Infinity Playblocks appeared first on Check Point Blog.

Executive Summary The OPCOPRO “Truman Show” operation is a fully synthetic, AI‑powered investment scam that uses legitimate Android and iOS apps from the official mobile app stores, and AI‑generated communities to steal money and identity data from victims. Instead of relying on malicious code, the attackers use social engineering. The attackers pull victims using phishing SMS/ads/Telegram into tightly-controlled WhatsApp and Telegram groups, where AI‑generated “experts” and synthetic peers simulate an institutional‑grade trading community for weeks before any money or personal details are requested. The mobile apps themselves contain no trading logic and act only as WebView shells connected to attacker‑controlled The post The Truman Show Scam: Trapped in an AI-Generated Reality appeared first on Check Point Blog.

Simplifying Cloud Network Security When securing cloud landscapes, it’s critically important to eliminate any downtime or performance degradation that firewall or gateway implementation may cause. To address these challenges, Check Point is proud to announce our support for Google Cloud Network Security Integration. This innovation creates a nondisruptive approach to cloud firewall deployment, increasing network security without negatively impacting performance. Scaling Hybrid Cloud Network Security Network security and performance are critical to any organization, but this is especially true for industries under heavy regulations like financial services, healthcare, and government. So over time these organizations gain comfort, expertise, and confidence The post Check Point Supports Google Cloud Network Security Integration appeared first on Check Point Blog.

As businesses and service providers deploy AI tools and systems, having strong cyber security across the entire AI pipeline is a foundational requirement, from design to deployment. Even at this stage of AI adoption, attacks on AI infrastructure and prompt-based manipulation are gaining traction. Per a recent Gartner report, 32% of organizations have already experienced an AI attack involving prompt manipulation, while 29% faced attacks on their GenAI infrastructure in the past year. Nearly 70% of cyber security leaders said emerging GenAI risks demand significant changes to existing cyber security approaches. And a recent Lakera survey found that only 19% of organizations The post Check Point Secures AI Factories with NVIDIA appeared first on Check Point Blog.

Define Security Success Organizations face an escalating threat landscape and a widening cyber security skills gap. Compliance-driven training alone cannot prepare teams for real-world challenges like incident response, SOC operations, and threat hunting. Without robust, practical training, defenses weaken, and vulnerabilities multiply. Recent data from Cybrary – a leading cyber security training platform – shows how modern approaches are transforming readiness. Cybrary specializes in practical, role-based learning for security professionals. Through its partnership with Check Point’s Infinity Global Services, organizations gain access to structured programs that combine industry-recognized certifications, hands-on labs, and customized learning paths. The Impact of Cyber Security The post Cyber Resilience Starts with Training: Why Skills Define Security Success appeared first on Check Point Blog.

As a global leader in cyber security, Check Point proudly highlights its 2025 recognition from leading analyst firms and research labs. Check Point believes these honors highlight the company’s commitment to protecting AI-driven environments and securing distributed networks that underpin digital trust. This year made it clear that as AI adoption accelerates, security teams are under growing pressure to protect an expanding landscape of data, applications, and infrastructure. Check Point helps organizations stay ahead with a prevention-first approach that unifies security management, strengthens Zero Trust frameworks, and enables the safe use of AI across the enterprise. With cyber attacks rising The post Check Point Celebrates 2025 with Top Analyst and Research Lab Recognitions appeared first on Check Point Blog.

This report describes a phishing campaign in which attackers impersonate legitimate Google generated messages by abusing Google Cloud Application Integration to distribute malicious emails that appear to originate from trusted Google infrastructure. The emails mimic routine enterprise notifications such as voicemail alerts and file access or permission requests, making them appear normal and trustworthy to recipients. In this incident, attackers sent 9,394 phishing emails targeting approximately 3,200 customers over the past 14 days. All messages were sent from the legitimate Google address noreply-application-integration@google.com, which significantly increased their credibility and likelihood of reaching end users’ inboxes. Method of attack Based on The post Phishing Campaign Leverages Trusted Google Cloud Automation Capabilities to Evade Detection appeared first on Check Point Blog.

Key Insights Insider recruitment is a growing cyber threat across banks, telecoms, and tech firms. Darknet ads offer payouts from $3,000 to $15,000 for access or data. Crypto exchanges, banks, and cloud providers are prime targets. Prevention requires employee education, strict access controls, and darknet monitoring. The Rise of Insider Recruitment in Cyber Crime Cyber criminals are no longer relying solely on brute force, social engineering, or exploiting vulnerabilities. Increasingly, they are recruiting insiders within organizations to gain access to corporate networks, user devices, and cloud environments. Across darknet forums, employees are being approached, or even volunteering, to sell access The post Cyber Criminals Are Recruiting Insiders in Banks, Telecoms, and Tech appeared first on Check Point Blog.