Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance

Tax season remains one of the most attractive periods of the year for cyber criminals. As individuals and organizations exchange sensitive financial and identity data online, attackers take advantage of increased tax‑related activity to launch phishing campaigns, fraudulent websites, and malware attacks. Check Point Research shows that these campaigns are not opportunistic.  Threat actors begin preparing their infrastructure months in advance. A Surge in Malicious Tax‑Related Domains Between September 2025 and February 2026, hundreds of new domains containing tax‑related keywords or tax authority names were registered each month. This activity steadily increased toward the end of 2025 and intensified from […]

The post Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/HY0dkJD
via

Claude Mythos Wake-Up Call: What AI Vulnerability Discovery Means for Cyber Defense

Last week, the industry learned that Anthropic was developing Claude Capybara, also called Mythos, a powerful new AI model with substantially improved capabilities in vulnerability discovery, exploit development, and multi-step attack reasoning. While the details emerged through a data leak rather than a formal launch, the market response was unmistakable: AI has crossed a critical cyber security threshold. The frontier models are accelerating attack lifecycles and will enable attackers to identify and exploit vulnerabilities at scale, speed and through novel methods that previously were the domain of advanced nation state entities. For security leaders, this development is both a warning […]

The post Claude Mythos Wake-Up Call: What AI Vulnerability Discovery Means for Cyber Defense appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/cgwG2rK
via

When Trusted Software Updates Become the Attack Vector: Inside Operation TrueChaos and a New Zero Day Vulnerability in a Popular Collaboration Tool

A zero day flaw in a trusted supply chain software turned a legitimate government collaboration tool into a malware delivery platform.  Operation TrueChaos at a Glance  Zero day vulnerability discovered in the TrueConf client update mechanism (CVE20263502, CVSS 7.8)  In the wild exploitation observed against government entities in Southeast Asia  Malware delivery via legitimate software updates, requiring no phishing or additional initial compromise vectors   Havoc, a powerful post exploitation framework, used as the suspected final stage payload  Victimology, tooling, and infrastructure suggest ties to a Chinese-nexus threat actor (moderate confidence)  Check Point Research were discovered the use of this vulnerability in the wild and responsibly notified the vendor who released a […]

The post When Trusted Software Updates Become the Attack Vector: Inside Operation TrueChaos and a New Zero Day Vulnerability in a Popular Collaboration Tool appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/Uw4MAiB
via

When AI Trust Breaks: The ChatGPT Data Leakage Flaw That Redefined AI Vendor Security Trust

AI assistants like ChatGPT have quickly become trusted environments for handling some of the most sensitive data people own. Users discuss medical symptoms, upload financial records, analyze contracts, and paste internal documents—often assuming that what they share remains safely contained within the platform.  That assumption was challenged when new research uncovered a previously unknown vulnerability that enabled silent data leakage from ChatGPT conversations without user knowledge or consent. While the issue has since been fully resolved by OpenAI, the discovery delivers a much broader lesson for enterprises and security leaders: AI tools should not be assumed secure by default.  Just as organizations learned not to blindly trust cloud […]

The post When AI Trust Breaks: The ChatGPT Data Leakage Flaw That Redefined AI Vendor Security Trust appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/gvbYuIK
via

Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience

We’ve been busy behind the scenes, and the results are here. The Check Point Portal just got its biggest visual refresh yet – brighter, cleaner, and more modern than ever before. Think of it as a thorough spring cleaning: everything you love, polished to a shine and the clutter cleared away. A Design Built for Clarity The new UI design system isn’t just a fresh coat of paint – it’s a smarter, more intentional experience from the ground up. Every pixel has been reconsidered with one goal in mind: getting you to what matters, faster. The new look starts where […]

The post Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/lCwzmc3
via

North America’s Cyber Security Threat Reality in 2026

The North America cyber security statistics are out. Cyber risk in North America accelerated, concentrated, and repeated itself at scale in 2025. Data from the 2025 North America Threat Landscape Report shows a threat environment defined less by surprise and more by pressure. The same attack types, the same actors, and the same windows of opportunity appeared again and again, particularly in the United States, which accounted for roughly 93 percent of all recorded incidents in the Americas (note: this is all publicly recorded incidents, not attempted attacks).  Three dynamics stand out, each shaping how organizations experienced risk over the past year and what they should expect next.  The extortion economy is stable, competitive, and […]

The post North America’s Cyber Security Threat Reality in 2026 appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/2NPvnSR
via

Check Point at RSAC – How We’re Helping Our Customers Secure their AI Transformation

Enterprise organizations are rapidly adopting AI tools to accelerate productivity, unlock fresh business insights, gain new competitive advantages, and drive revenue growth. But this transformation is bringing with it new and complex security challenges that introduce previously unseen risk. AI tools access sensitive enterprise data like customer records, proprietary models, internal communications, and even email content, leaving businesses without the right AI safeguards to manage new intrusion techniques and compliance risk. Employees at most businesses are using LLMs – whether their use is sanctioned or not – opening up the risk of sharing confidential data and information. Enterprises now face […]

The post Check Point at RSAC – How We’re Helping Our Customers Secure their AI Transformation appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/KY3I1LG
via