The AI Your Security Team Can’t See Is the One You Should Worry About

Shadow AI is no longer a theoretical risk. Employees are adopting AI tools faster than security teams can track them, often without IT’s knowledge, and frequently on devices and surfaces that traditional security tools simply can’t see. If you asked your security team right now how many AI tools are active across your organization, on which surfaces, and what’s being shared, could they answer? For most organizations, the honest answer is no. And that gap, between what your employees are doing with AI and what your security team can actually see, is where enterprise risk lives today.  AI adoption in the enterprise didn’t slow down and wait for governance to catch […]

The post The AI Your Security Team Can’t See Is the One You Should Worry About appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/uho92me
via
- No comments:
Labels:

Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative

The model behind a security workflow shapes how fast a threat is caught, how accurately an incident is investigated, and how much a defender can trust the result. We treat that choice with care. Today we’re taking a clear step forward: Check Point has joined OpenAI’s Daybreak initiative through its Trusted Access for Cyber (TAC) program. These are real steps in how we bring AI into our defensive operations, and in the security we deliver to our customers. What Trusted Access for Cyber Gives Us Trusted Access for Cyber is OpenAI’s program for vetted security organizations that need its most […]

The post Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/arh4xYs
via
- No comments:
Labels:

When Your AI Agent’s Memory Becomes a Security Liability

Key Findings:   Check Point Research identified a critical vulnerability chain in LangGraph, an open-source framework from the creators of LangChain that enables developers to build complex, stateful, and controllable AI agent workflows using LLMs; they have approximately 46.5 million monthly downloads, making it one of the most widely adopted AI agent platforms in the world An SQL injection in LangGraph’s function could allow attackers to gain full control via remote code execution of a server by exploiting weaknesses in how the system processes and handles data. A compromised LangGraph server exposes everything the agent touches, including LLM API keys, customer data, CRM credentials, conversation history, and internal network […]

The post When Your AI Agent’s Memory Becomes a Security Liability appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/JVFnWKi
via
- No comments:
Labels:

AI Agents Are Becoming Enterprise Workers. Who Secures Them?

A sales operations team builds an AI agent to help manage renewal requests.  On the surface, the workflow looks ordinary. The agent reads inbound customer emails, checks the account record in the CRM, looks up contract terms, drafts a response, updates the opportunity stage, and creates a follow-up task. No one has set out to build a sentient machine in a basement. They are just trying to remove friction from a familiar business process.  Underneath that ordinary workflow, something important has changed.  The agent is not just generating text. It is reading business data, interpreting instructions, using credentials, calling tools, […]

The post AI Agents Are Becoming Enterprise Workers. Who Secures Them? appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/ArBW5qS
via
- No comments:
Labels:

Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize

Attack Volumes Pull Back, But the Bigger Picture Tells a Different Story In May 2026, global cyber-attack activity eased from April’s sharp rebound, though the underlying trends offer little genuine comfort. Organizations experienced an average of 2,055 weekly cyber-attacks, a 2% increase year over year and a short term 7% decrease month over month. While the monthly decline may read as stabilization, ransomware activity surged to its highest year-over-year growth rate of 2026, and GenAI-driven data exposure risks continued to deepen across enterprise environments. Check Point Research data consistently shows that short-term volume moderation does not equal reduced risk. Adversaries […]

The post Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/xKyDz0O
via
- No comments:
Labels:

Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)

Check Point Research has identified active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol. By exploiting a logic flaw in certificate validation, an attacker can establish a VPN session without possession of a valid password, effectively bypassing authentication requirements. Additional post-authentication activity is required to access internal resources or escalate privileges. To date, the observed exploitation has been limited to a few dozen targeted organizations globally. One case involved confirmed post-compromise activity associated with Qilin ransomware affiliate. Customers using IKEv1 key […]

The post Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/orKzg4Y
via
- No comments:
Labels:

Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026

The FIFA World Cup 2026 kicks off on June 11. Across 16 cities in the US, Canada, and Mexico, billions of people will be watching, traveling, betting, and spending. Threat actors have been watching too, and for far longer. Check Point Research and Check Point Exposure Management spent the past year tracking the cyber threat landscape building around this tournament. What emerged is a coordinated pre-positioning effort across three sectors that sit at the center of the World Cup economy: finance, travel and hospitality, and gambling. The infrastructure is already built, with most of them already live. Financial Sector: Fraud […]

The post Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/aD3BZfJ
via
- No comments:
Labels:
Subscribe to: Posts (Atom)

The AI Your Security Team Can’t See Is the One You Should Worry About

Shadow AI is no longer a theoretical risk. Employees are adopting AI tools faster than security teams can track them, often without IT’s kno...