Post
CRITICAL ⚡ MUST-KNOW

Check Point VPN Zero-Day Exploited by Qilin Ransomware Affiliates

· zero-day · ransomware · vpn · vulnerability · cve

A zero-day authentication bypass vulnerability in Check Point Remote Access VPN and Mobile Access allows attackers to establish VPN connections without a valid password. Qilin ransomware affiliates are actively exploiting the flaw in ongoing attacks. CISA has issued an emergency directive ordering U.S. federal agencies to patch or mitigate affected deployments within three days. Organizations using Check Point VPN for remote access should apply available patches immediately and audit VPN logs for unauthorized authentication events.