AI Agents Are Becoming Enterprise Workers. Who Secures Them?

A sales operations team builds an AI agent to help manage renewal requests.  On the surface, the workflow looks ordinary. The agent reads inbound customer emails, checks the account record in the CRM, looks up contract terms, drafts a response, updates the opportunity stage, and creates a follow-up task. No one has set out to build a sentient machine in a basement. They are just trying to remove friction from a familiar business process.  Underneath that ordinary workflow, something important has changed.  The agent is not just generating text. It is reading business data, interpreting instructions, using credentials, calling tools, […]

The post AI Agents Are Becoming Enterprise Workers. Who Secures Them? appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/ArBW5qS
via
- No comments:
Labels:

Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize

Attack Volumes Pull Back, But the Bigger Picture Tells a Different Story In May 2026, global cyber-attack activity eased from April’s sharp rebound, though the underlying trends offer little genuine comfort. Organizations experienced an average of 2,055 weekly cyber-attacks, a 2% increase year over year and a short term 7% decrease month over month. While the monthly decline may read as stabilization, ransomware activity surged to its highest year-over-year growth rate of 2026, and GenAI-driven data exposure risks continued to deepen across enterprise environments. Check Point Research data consistently shows that short-term volume moderation does not equal reduced risk. Adversaries […]

The post Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/xKyDz0O
via
- No comments:
Labels:

Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)

Check Point Research has identified active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol. By exploiting a logic flaw in certificate validation, an attacker can establish a VPN session without possession of a valid password, effectively bypassing authentication requirements. Additional post-authentication activity is required to access internal resources or escalate privileges. To date, the observed exploitation has been limited to a few dozen targeted organizations globally. One case involved confirmed post-compromise activity associated with Qilin ransomware affiliate. Customers using IKEv1 key […]

The post Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/orKzg4Y
via
- No comments:
Labels:

Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026

The FIFA World Cup 2026 kicks off on June 11. Across 16 cities in the US, Canada, and Mexico, billions of people will be watching, traveling, betting, and spending. Threat actors have been watching too, and for far longer. Check Point Research and Check Point Exposure Management spent the past year tracking the cyber threat landscape building around this tournament. What emerged is a coordinated pre-positioning effort across three sectors that sit at the center of the World Cup economy: finance, travel and hospitality, and gambling. The infrastructure is already built, with most of them already live. Financial Sector: Fraud […]

The post Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/aD3BZfJ
via
- No comments:
Labels:

The AI Defense Plane: Securing the New Enterprise Execution Layer

AI Defense Plane

Enterprise security has always had a comforting assumption baked into it: systems do what they were built to do. Sometimes badly. Sometimes insecurely. Sometimes in ways that make auditors develop a nervous twitch. But still, the basic shape was understandable. Applications processed requests. Databases stored data. APIs connected systems. Users clicked things they probably should not have clicked. Then AI arrived and made the whole thing a little weird. AI did not introduce one neat new risk category. Security teams are very good at turning new risk categories into taxonomies, dashboards, and meetings with names like “working group.” The real […]

The post The AI Defense Plane: Securing the New Enterprise Execution Layer appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/UmhOXzP
via
- No comments:
Labels:

The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem

When people hear about hackers “asking an AI chatbot” to help them take over Instagram accounts, the instinctive reaction is to file it under prompt injection, jailbreaks, or “the model got tricked.”  That may be the wrong lesson.  According to reporting from 404 Media, hackers claimed they used Meta’s AI support chatbot to gain access to high-profile Instagram accounts by asking it to change the email address associated with the target account. The reported incidents coincided with several high-profile account takeovers, including accounts linked to the Obama White House, Sephora, and the Chief Master Sergeant of the Space Force.    […]

The post The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/qjPBepr
via
- No comments:
Labels:

The Server Seizure That Affects Also Iran’s Cyber Operations

On May 22, 2026, Dutch financial-crime investigators walked into data centers in Dronten and Schiphol-Rijk and seized approximately 800 servers. The target was WorkTitans B.V., a hosting provider that, on the surface, looked like any other internet infrastructure company. What investigators uncovered, however, was something far more significant: a ghost operation built on sanctioned infrastructure, quietly serving as the backbone for some of Iran’s most active cyber espionage campaigns. The story starts a year earlier. In May 2025, the European Union sanctioned Stark Industries, an internet service provider linked to Russian information-warfare operations. Rather than shutting down, the people behind […]

The post The Server Seizure That Affects Also Iran’s Cyber Operations appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/dae7SBg
via
- No comments:
Labels:
Subscribe to: Posts (Atom)

AI Agents Are Becoming Enterprise Workers. Who Secures Them?

A sales operations team builds an AI agent to help manage renewal requests.  On the surface, the workflow looks ordinary. The agent reads in...