Check Point
Coverage of Check Point in the Nexus archive.
- Three critical Fortinet sandbox bugs splattered by unknown attackers
Three critical vulnerabilities in Fortinet's FortiSandbox are being actively exploited by unknown attackers. Fortinet has patched two of the flaws (CVE-2026-39813 and CVE-2026-39808) in April and a third (CVE-2026-25089) last week, all rated 9.1 on the CVSS scale. Threat intelligence firm Defused reported ongoing exploitation attempts, including unpatched vulnerabilities allowing remote code execution and authentication bypass.
- CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
CISA has mandated U.S. government agencies to address a critical vulnerability in Check Point Remote Access VPN and Mobile Access deployments, which is being exploited as a zero-day by Qilin ransomware affiliates. The directive requires agencies to secure these systems within three days to mitigate the risk of exploitation.
- Check Point links VPN zero-day attacks to Qilin ransomware gang
Check Point has released security updates to address a critical flaw in Remote Access VPN and Mobile Access deployments exploited in zero-day attacks. The vulnerability was linked to the Qilin ransomware gang.
- Why Lightspeed and Wiz’s Assaf Rappaport bet $37 million on an AI-powered cyberattacker
A New York-based autonomous offensive security startup raised $37 million in funding from Lightspeed Venture Partners, Cyberstarts, and angels including Wiz CEO Assaf Rappaport. The startup uses AI to simulate continuous cyberattacks, identifying vulnerabilities before real hackers exploit them, following Anthropic’s Mythos model revealing thousands of zero-day flaws.
- U.S. Midterms Have a Cyber Problem, but It's Not at the Ballot Box
The 2026 U.S. midterms face a significant cyber problem unrelated to ballot box security, as highlighted in a Check Point blog post. The article discusses broader cybersecurity challenges impacting the election process, with Hacker News users engaging in related discussions.
- SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors linked to The Gentlemen ransomware-as-a-service (RaaS) operation are deploying SystemBC proxy malware, with a Check Point analysis revealing over 1,570 victims via a compromised C2 server. The discovery highlights a botnet tied to the ransomware campaign.