When Trusted Software Updates Become the Attack Vector: Inside Operation TrueChaos and a New Zero Day Vulnerability in a Popular Collaboration Tool

A zero day flaw in a trusted supply chain software turned a legitimate government collaboration tool into a malware delivery platform.  Operation TrueChaos at a Glance  Zero day vulnerability discovered in the TrueConf client update mechanism (CVE20263502, CVSS 7.8)  In the wild exploitation observed against government entities in Southeast Asia  Malware delivery via legitimate software updates, requiring no phishing or additional initial compromise vectors   Havoc, a powerful post exploitation framework, used as the suspected final stage payload  Victimology, tooling, and infrastructure suggest ties to a Chinese-nexus threat actor (moderate confidence)  Check Point Research were discovered the use of this vulnerability in the wild and responsibly notified the vendor who released a […]

The post When Trusted Software Updates Become the Attack Vector: Inside Operation TrueChaos and a New Zero Day Vulnerability in a Popular Collaboration Tool appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/Uw4MAiB
via

When AI Trust Breaks: The ChatGPT Data Leakage Flaw That Redefined AI Vendor Security Trust

AI assistants like ChatGPT have quickly become trusted environments for handling some of the most sensitive data people own. Users discuss medical symptoms, upload financial records, analyze contracts, and paste internal documents—often assuming that what they share remains safely contained within the platform.  That assumption was challenged when new research uncovered a previously unknown vulnerability that enabled silent data leakage from ChatGPT conversations without user knowledge or consent. While the issue has since been fully resolved by OpenAI, the discovery delivers a much broader lesson for enterprises and security leaders: AI tools should not be assumed secure by default.  Just as organizations learned not to blindly trust cloud […]

The post When AI Trust Breaks: The ChatGPT Data Leakage Flaw That Redefined AI Vendor Security Trust appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/gvbYuIK
via

Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience

We’ve been busy behind the scenes, and the results are here. The Check Point Portal just got its biggest visual refresh yet – brighter, cleaner, and more modern than ever before. Think of it as a thorough spring cleaning: everything you love, polished to a shine and the clutter cleared away. A Design Built for Clarity The new UI design system isn’t just a fresh coat of paint – it’s a smarter, more intentional experience from the ground up. Every pixel has been reconsidered with one goal in mind: getting you to what matters, faster. The new look starts where […]

The post Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/lCwzmc3
via

North America’s Cyber Security Threat Reality in 2026

The North America cyber security statistics are out. Cyber risk in North America accelerated, concentrated, and repeated itself at scale in 2025. Data from the 2025 North America Threat Landscape Report shows a threat environment defined less by surprise and more by pressure. The same attack types, the same actors, and the same windows of opportunity appeared again and again, particularly in the United States, which accounted for roughly 93 percent of all recorded incidents in the Americas (note: this is all publicly recorded incidents, not attempted attacks).  Three dynamics stand out, each shaping how organizations experienced risk over the past year and what they should expect next.  The extortion economy is stable, competitive, and […]

The post North America’s Cyber Security Threat Reality in 2026 appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/2NPvnSR
via

Check Point at RSAC – How We’re Helping Our Customers Secure their AI Transformation

Enterprise organizations are rapidly adopting AI tools to accelerate productivity, unlock fresh business insights, gain new competitive advantages, and drive revenue growth. But this transformation is bringing with it new and complex security challenges that introduce previously unseen risk. AI tools access sensitive enterprise data like customer records, proprietary models, internal communications, and even email content, leaving businesses without the right AI safeguards to manage new intrusion techniques and compliance risk. Employees at most businesses are using LLMs – whether their use is sanctioned or not – opening up the risk of sharing confidential data and information. Enterprises now face […]

The post Check Point at RSAC – How We’re Helping Our Customers Secure their AI Transformation appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/KY3I1LG
via

The Agentic Era Arrives: How AI Is Transforming the Cyber Threat Landscape

The cyber security landscape is undergoing a significant shift. Between January and February 2026, we observed a major evolution in how threat actors adopt, weaponize, and operationalize AI. What was once experimental is now mature. What once required coordinated teams can now be executed by a single experienced developer with an AI‑powered IDE. And what enterprises embraced for productivity has simultaneously become a rapidly expanding attack surface.  This report highlights the most significant trends shaping today’s threat environment-and what defenders must prepare for next.   AI-Assisted Malware Development Has Entered a New Era  The most important finding of the period is clear: AI‑assisted malware development has reached […]

The post The Agentic Era Arrives: How AI Is Transforming the Cyber Threat Landscape appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/yQJZXza
via

Telegram’s Crackdown in 2026 and Why Cyber Criminals Are Still Winning

If you’ve been following the Telegram crackdown news, then you’ll know that Telegram entered 2026 under significant pressure. After years of being a largely permissive environment, the platform dramatically increased enforcement following the arrest of CEO Pavel Durov in late 2024 and the rollout of stricter moderation throughout 2025. Millions of channels were taken down, Telegram bans became frequent, automation was introduced, and transparency around enforcement reached an all time high.  Yet despite these efforts, cyber criminal ecosystems on Telegram are not shrinking. These cyber criminal communities are adapting, and quickly.  Based on new intelligence from Check Point Exposure Management, here are three of the latest developments in the realm of Telegram […]

The post Telegram’s Crackdown in 2026 and Why Cyber Criminals Are Still Winning appeared first on Check Point Blog.

from Check Point Blog https://ift.tt/mR3AXfU
via