Check Point links VPN zero-day attacks to Qilin ransomware gang

Check Point VPN authentication bypass vulnerability (CVE-2026-50751) in IKEv1 deployments is actively exploited by Qilin ransomware operators since May 7. A few dozen organizations are affected globally with confirmed ransomware incidents tied to this flaw. Organizations running deprecated IKEv1 key exchange on Remote Access or Mobile Access are at immediate risk of credential bypass and network compromise.

CRITICALAdvisoryJun 08, 2026

Action required

Identify and patch all Check Point Remote Access VPN and Mobile Access instances using IKEv1 immediately. If patching cannot be completed within 24 hours, isolate affected VPN gateways from production networks or disable IKEv1 entirely and force migration to IKEv2.

Affected products

Check PointRemote Access VPNMobile Access

CVE IDs

CVE-2026-50751 CVE-2026-50752

Linked articles

Check Point links VPN zero-day attacks to Qilin ransomware gang

Source links

https://www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/