Check Point Software

Shadow AI is no longer a theoretical risk. Employees are adopting AI tools faster than security teams can track them, often without IT’s knowledge, and frequently on devices and surfaces that traditional security tools simply can’t see. If you asked your security team right now how many AI tools are active across your organization, on which surfaces, and what’s being shared, could they answer? For most organizations, the honest answer is no. And that gap, between what your employees are doing with AI and what your security team can actually see, is where enterprise risk lives today.  AI adoption in the enterprise didn’t slow down and wait for governance to catch The post The AI Your Security Team Can’t See Is the One You Should Worry About appeared first on Check Point Blog.

Last week, public sector leaders, cyber security practitioners, and technology experts gathered at the International Spy Museum in Washington, D.C. for Check Point Engage Public Sector: Securing the Mission of Public Sector Organizations in a Hyperconnected AI World. And what was on everyone’s mind? You guessed it – how federal and other public sector organizations secure mission-critical operations in an era where AI is transforming both cyber security defense and cyber warfare. What the audience learned across our several superb panel discussions was that AI has definitively become a challenging and fast-evolving battleground in the push and pull between attackers The post Check Point Engage Public Sector 2026: AI Is the New Battlefield appeared first on Check Point Blog.

The model behind a security workflow shapes how fast a threat is caught, how accurately an incident is investigated, and how much a defender can trust the result. We treat that choice with care. Today we’re taking a clear step forward: Check Point has joined OpenAI’s Daybreak initiative through its Trusted Access for Cyber (TAC) program. These are real steps in how we bring AI into our defensive operations, and in the security we deliver to our customers. What Trusted Access for Cyber Gives Us Trusted Access for Cyber is OpenAI’s program for vetted security organizations that need its most The post Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative appeared first on Check Point Blog.

Key Findings:   Check Point Research identified a critical vulnerability chain in LangGraph, an open-source framework from the creators of LangChain that enables developers to build complex, stateful, and controllable AI agent workflows using LLMs; they have approximately 46.5 million monthly downloads, making it one of the most widely adopted AI agent platforms in the world An SQL injection in LangGraph’s function could allow attackers to gain full control via remote code execution of a server by exploiting weaknesses in how the system processes and handles data. A compromised LangGraph server exposes everything the agent touches, including LLM API keys, customer data, CRM credentials, conversation history, and internal network The post When Your AI Agent’s Memory Becomes a Security Liability appeared first on Check Point Blog.

A sales operations team builds an AI agent to help manage renewal requests.  On the surface, the workflow looks ordinary. The agent reads inbound customer emails, checks the account record in the CRM, looks up contract terms, drafts a response, updates the opportunity stage, and creates a follow-up task. No one has set out to build a sentient machine in a basement. They are just trying to remove friction from a familiar business process.  Underneath that ordinary workflow, something important has changed.  The agent is not just generating text. It is reading business data, interpreting instructions, using credentials, calling tools, The post AI Agents Are Becoming Enterprise Workers. Who Secures Them? appeared first on Check Point Blog.

Attack Volumes Pull Back, But the Bigger Picture Tells a Different Story In May 2026, global cyber-attack activity eased from April’s sharp rebound, though the underlying trends offer little genuine comfort. Organizations experienced an average of 2,055 weekly cyber-attacks, a 2% increase year over year and a short term 7% decrease month over month. While the monthly decline may read as stabilization, ransomware activity surged to its highest year-over-year growth rate of 2026, and GenAI-driven data exposure risks continued to deepen across enterprise environments. Check Point Research data consistently shows that short-term volume moderation does not equal reduced risk. Adversaries The post Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize appeared first on Check Point Blog.

Check Point Research has identified active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol. By exploiting a logic flaw in certificate validation, an attacker can establish a VPN session without possession of a valid password, effectively bypassing authentication requirements. Additional post-authentication activity is required to access internal resources or escalate privileges. To date, the observed exploitation has been limited to a few dozen targeted organizations globally. One case involved confirmed post-compromise activity associated with Qilin ransomware affiliate. Customers using IKEv1 key The post Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) appeared first on Check Point Blog.

The FIFA World Cup 2026 kicks off on June 11. Across 16 cities in the US, Canada, and Mexico, billions of people will be watching, traveling, betting, and spending. Threat actors have been watching too, and for far longer. Check Point Research and Check Point Exposure Management spent the past year tracking the cyber threat landscape building around this tournament. What emerged is a coordinated pre-positioning effort across three sectors that sit at the center of the World Cup economy: finance, travel and hospitality, and gambling. The infrastructure is already built, with most of them already live. Financial Sector: Fraud The post Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 appeared first on Check Point Blog.

Enterprise security has always had a comforting assumption baked into it: systems do what they were built to do. Sometimes badly. Sometimes insecurely. Sometimes in ways that make auditors develop a nervous twitch. But still, the basic shape was understandable. Applications processed requests. Databases stored data. APIs connected systems. Users clicked things they probably should not have clicked. Then AI arrived and made the whole thing a little weird. AI did not introduce one neat new risk category. Security teams are very good at turning new risk categories into taxonomies, dashboards, and meetings with names like “working group.” The real The post The AI Defense Plane: Securing the New Enterprise Execution Layer appeared first on Check Point Blog.

When people hear about hackers “asking an AI chatbot” to help them take over Instagram accounts, the instinctive reaction is to file it under prompt injection, jailbreaks, or “the model got tricked.”  That may be the wrong lesson.  According to reporting from 404 Media, hackers claimed they used Meta’s AI support chatbot to gain access to high-profile Instagram accounts by asking it to change the email address associated with the target account. The reported incidents coincided with several high-profile account takeovers, including accounts linked to the Obama White House, Sephora, and the Chief Master Sergeant of the Space Force.    The post The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem appeared first on Check Point Blog.