Check Point patches critical VPN zero-day exploited by ransomware attackers for over a month
By Jessica Lyons
Summary
Check Point released an emergency fix for a critical authentication bypass vulnerability (CVE-2026-50751) affecting its Remote Access VPN and Mobile Access products. However, attackers—including a Qilin ransomware affiliate—had been exploiting the zero-day since May 7, giving them a month-long head start before the June 4 investigation and subsequent patch release on Monday.
Key quotes
Attacks against the bug, tracked as CVE-2026-50751, began on May 7, according to Check Point VP of research Lotem Finkelstein, and picked up in early June.
The security software vendor spotted suspicious activity and began investigating the zero-day on June 4, Finkelstein said in a Monday blog.
We have obs
