Check Point Software

In Q1 2026, Microsoft continued to be the most impersonated brand in phishing attacks, accounting for 22% of all brand impersonation attempts, according to data from Check Point Research (CPR). The results reinforce a long‑standing trend: attackers consistently exploit highly trusted brands to steal credentials and gain initial access to personal and enterprise environments. Apple climbed to second place with 11%, reflecting attackers’ increasing focus on consumer ecosystems tied to payments, identity, and personal devices. Google followed closely in third place at 9%, while Amazon ranked fourth with 7%. LinkedIn rose to fifth place with 6%, highlighting sustained attacker interest The post The Phishing Paradox: The World’s Most Trusted Brands Are Cyber Criminals’ Entry Point of Choice appeared first on Check Point Blog.

On World Quantum Day, much of the conversation celebrates breakthroughs in medicine, materials, and computing. But for cyber security leaders, quantum computing represents a fundamental disruption to the cryptographic foundations that secure our digital world. Q-Day is closer than you think What was once considered a distant, theoretical risk is rapidly becoming reality. Advances in quantum computing, including improved algorithms and reduced qubit requirements, are accelerating timelines. What the industry once viewed as a 2040s challenge is now approaching within years. In late 2025, Gartner elevated Post-Quantum Cryptography (PQC) migration to a board-level priority, urging action ahead of a 2030 The post World Quantum Day 2026: The Harvest Has Already Begun, Are You Prepared? appeared first on Check Point Blog.

The global manufacturing sector entered 2025 facing one of the most aggressive cyber threat environments in its history. Digital transformation, smart factories, and interconnected supply chains have expanded operational efficiency to places 50 years ago we wouldn’t have thought possible. But, this comes with unprecedented cyber risk. According to the Manufacturing Threat Landscape 2025 report, cyber incidents targeting manufacturing increased sharply year over year, placing the industry at the center of global ransomware activity. Manufacturing Becomes the Primary Ransomware Target In 2025, global ransomware incidents reached 7,419 documented cases, representing a 32 percent increase year over year. Manufacturing was the The post Why Manufacturing Cyber Security is Becoming More Complex as Cyber Attacks Accelerate appeared first on Check Point Blog.

Global Attack Volumes Begin to Moderate  In March 2026, global cyber attack activity showed early signs of moderation while remaining at historically elevated levels. The average number of weekly cyber-attacks per organization reached 1,995, representing a 4% decrease month over month and a 5% decline compared to March 2025.   Despite this easing, the overall threat environment remains intense. Nearly 2,000 weekly attacks per organization continue to reflect sustained adversary pressure, driven by automation, broad attack surface expansion, and persistent exposure risks tied to cloud adoption and GenAI usage. Check Point Research data indicates that while short term fluctuations are emerging, cyber threats have not returned to pre-surge baselines and remain a constant operational reality for organizations worldwide.  Critical Sectors Continue to Face The post March 2026 Cyber Threat Landscape Shows No Relief as Ransomware Rebounds and GenAI Risks Intensify appeared first on Check Point Blog.

The World Economic Forum’s Global Cybersecurity Outlook 2025 concurred that cyber risk is increasingly driven by operational complexity rather than lack of technology. As security environments expand, many organizations struggle with hands‑on skill gaps, slow issue resolution, and training that does not reflect how their environments de-facto operate. The result: higher operational risk – even in well‑equipped organizations.  To address these challenges, Check Point Services offers PS Private Training (Custom ILT): a tailored, instructor‑led program designed to strengthen operational mastery in real environments. The service replaces one‑size‑fits‑all instruction with customized training, hands‑on labs, and field‑proven best practices delivered by active Professional Services consultants, enabling The post PS Private Training: Turning Cyber Complexity into Operational Control appeared first on Check Point Blog.

Tax season remains one of the most attractive periods of the year for cyber criminals. As individuals and organizations exchange sensitive financial and identity data online, attackers take advantage of increased tax‑related activity to launch phishing campaigns, fraudulent websites, and malware attacks. Check Point Research shows that these campaigns are not opportunistic.  Threat actors begin preparing their infrastructure months in advance. A Surge in Malicious Tax‑Related Domains Between September 2025 and February 2026, hundreds of new domains containing tax‑related keywords or tax authority names were registered each month. This activity steadily increased toward the end of 2025 and intensified from The post Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance appeared first on Check Point Blog.

Last week, the industry learned that Anthropic was developing Claude Capybara, also called Mythos, a powerful new AI model with substantially improved capabilities in vulnerability discovery, exploit development, and multi-step attack reasoning. While the details emerged through a data leak rather than a formal launch, the market response was unmistakable: AI has crossed a critical cyber security threshold. The frontier models are accelerating attack lifecycles and will enable attackers to identify and exploit vulnerabilities at scale, speed and through novel methods that previously were the domain of advanced nation state entities. For security leaders, this development is both a warning The post Claude Mythos Wake-Up Call: What AI Vulnerability Discovery Means for Cyber Defense appeared first on Check Point Blog.

Key Findings Check Point Research (CPR) has been tracking an ongoing password-spraying campaign targeting Microsoft 365 environments across the Middle East, conducted by an Iran-linked threat actor. The campaign was carried out in three distinct waves of attacks, which took place on March 3, March 13, and March 23 The campaign is primarily focused on Israel and the UAE, impacting more than 300 organizations in Israel and over 25 in the UAE. Activity associated with the same actor was also observed against a limited number of targets in Europe, the United States, the United Kingdom, and Saudi Arabia The activity The post Iran-nexus Password Spray Campaign Targeting Cloud Environments, with a Focus on the Middle East appeared first on Check Point Blog.

To move fast without losing control, enterprises need a Hybrid Mesh Network Security architecture. But for CISOs and CIOs, the challenge is clear: How do you demonstrate measurable business value from adopting hybrid mesh security? Analyst firm IDC interviewed security leaders from global business organizations to uncover the business impact of moving to a flexible, hybrid mesh security infrastructure.   Enterprise networks have become sprawling ecosystems that overwhelm security teams, driving reaction over prevention, while adding tools only compounds complexity. To support initiatives like AI transformation, stay competitive, and ensure leadership in their respective markets, enterprises need a Hybrid Mesh Network Security architecture that offers a single control plane for managing firewalls across complex, hybrid and remote digital environments.   Download the IDC Business The post Uncovering ROI of a Hybrid Mesh Architecture – 2026 IDC Business Value Study appeared first on Check Point Blog.

A zero day flaw in a trusted supply chain software turned a legitimate government collaboration tool into a malware delivery platform.  Operation TrueChaos at a Glance  Zero day vulnerability discovered in the TrueConf client update mechanism (CVE20263502, CVSS 7.8)  In the wild exploitation observed against government entities in Southeast Asia  Malware delivery via legitimate software updates, requiring no phishing or additional initial compromise vectors   Havoc, a powerful post exploitation framework, used as the suspected final stage payload  Victimology, tooling, and infrastructure suggest ties to a Chinese-nexus threat actor (moderate confidence)  Check Point Research were discovered the use of this vulnerability in the wild and responsibly notified the vendor who released a The post When Trusted Software Updates Become the Attack Vector: Inside Operation TrueChaos and a New Zero Day Vulnerability in a Popular Collaboration Tool appeared first on Check Point Blog.