A friend of mine, namely Antide “xarkes” Petit, came up with a pretty good rule of thumb that I think should be elevated into a law, Antide’s Law: > If it’s unclear what a cyber-security company is doing, what they’re doing is pretty clear. For example, take a look at […]

**Check Point Research** has identified several campaigns targeting multiple countries in the **Southeast Asian region**. These related activities have been collectively categorized under the codename “ **Amaranth-Dragon**”. The campaigns demonstrate a clear focus on **government entities** across the region, suggesting a motivated threat actor with a strong interest in **geopolitical […]

# How Mercari strengthened mobile security for millions of users with Oversecured # CUSTOMER SUCCESS STORY ## How Mercari strengthened mobile security for millions of users with Oversecured ### Case Study Summary **Company:** Mercari – Japan’s largest marketplace app **Industry:** E-commerce, FinTech, Mobile Marketplace **Challenge:** Securing mobile applications handling cryptocurrency, […]

# Auditing Outline. Firsthand lessons from comparing manual testing and AI security platforms 03 Feb 2026 – Posted by Luca Carettoni In July 2025, we performed a brief audit of Outline – an OSS wiki similar in many ways to Notion. This activity was meant to evaluate the overall posture […]

Over the holidays, I found some time to work on a small idea I had for a while. As a sometimes-Google Workspace admin with a security background, I’ve always been aware of the risk of having public Google Groups. They’re an easy vector for the Ticket Trick attack, where email […]

# Beyond ACLs: Mapping Windows Privilege Escalation Paths with BloodHound Windows privileges are special rights that grant processes the ability to perform sensitive operations. Some privileges allow bypassing standard Access Control List (ACL) checks, which can lead to significant security implications. While privileges like SeDebugPrivilege, SeImpersonatePrivilege or SeBackupPrivilege are frequently […]

# Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) When Ivanti removed the embargoes from CVE-2026-1281 and CVE-2026-1340 – pre-auth Remote Command Execution vulnerabilities in Ivanti’s Endpoint Manager Mobile (EPMM) solution – we sighed with relief. Clearly, the universe had decided […]

Check Point Research continuously investigates real-world attacks, vulnerabilities, attackers’ infrastructure, and emerging techniques across global networks and environments. The Cyber Security Report 2026 consolidates our research efforts throughout 2025 to deliver a clear, data-driven view of the current threat landscape and its trajectory in 2026. As Check Point’s flagship annual […]

# General Graboids: Worms and Remote Code Execution in Command & Conquer _[this work was conducted collaboratively by Bryan Alexander and Jordan Whitehead]_ This post details several vulnerabilities discovered in the popular online game Command & Conquer: Generals. We recently presented some of this work at an information security conference […]

# On the clock: Escaping VMware Workstation at Pwn2Own Berlin 2025 Looking to improve your skills? Discover our **trainings** sessions! Learn more. ## Introduction At Pwn2Own Berlin 2025, we successfully exploited VMware Workstation using a single Heap-Overflow vulnerability in the PVSCSI controller implementation. While we were initially confident in the […]