CHECK POINT PATCHES VPN ZERO-DAY TIED TO QILIN GANG

Check Point identified the zero-day vulnerability in its VPN infrastructure and confirmed it was being actively exploited in the wild. The company attributed the attacks to Qilin, a ransomware-as-a-service operation known for targeting enterprise networks. The vulnerability allowed attackers to gain unauthorized access to remote VPN sessions, potentially enabling lateral movement within compromised networks. Check Point released patches immediately upon discovery to address the flaw across affected product lines. Qilin has emerged as a significant threat actor in recent months, conducting high-profile ransomware operations against organizations globally. The group typically exfiltrates data before encrypting systems, leveraging the stolen information for extortion purposes. Check Point urged customers to apply patches immediately. The company did not disclose additional technical details about the vulnerability to prevent further exploitation before widespread patching could occur. Organizations using Check Point VPN solutions are advised to verify their systems have been updated.