Tax season remains one of the most attractive periods of the year for cyber criminals. As individuals and organizations exchange sensitive financial and identity data online, attackers take advantage of increased tax‑related activity to launch phishing campaigns, fraudulent websites, and malware attacks. Check Point Research shows that these campaigns are not opportunistic. &...

Last week, the industry learned that Anthropic was developing Claude Capybara, also called Mythos, a powerful new AI model with substantially improved capabilities in vulnerability discovery, exploit development, and multi-step attack reasoning. While the details emerged through a data leak rather than a formal launch, the market response was unmistakable: AI has crossed a cr...

Key Findings Check Point Research (CPR) has been tracking an ongoing password-spraying campaign targeting Microsoft 365 environments across the Middle East, conducted by an Iran-linked threat actor. The campaign was carried out in three distinct waves of attacks, which took place on March 3, March 13, and March 23 The campaign is primarily focused on Israel and the UAE, impac...

To move fast without losing control, enterprises need a Hybrid Mesh Network Security architecture. But for CISOs and CIOs, the challenge is clear: How do you demonstrate measurable business value from adopting hybrid mesh security? Analyst firm IDC interviewed security leaders from global business organizations to uncover the business&n...

A zero day flaw in a trusted supply chain software turned a legitimate government collaboration tool into a malware delivery platform.  Operation TrueChaos at a Glance  Zero day vulnerability discovered in the TrueConf client update mechanism (CVE20263502, CVSS 7.8)  In the wild exploitation observed against government entities in Southeast Asia ...