US federal agencies ordered to patch Check Point VPN flaw amid active Qilin ransomware attacks

The US Cybersecurity and Infrastructure Security Agency has directed all civilian federal departments to resolve a critical vulnerability in Check Point Software’s remote access and firewall products, following confirmed exploitation by the Qilin ransomware gang.

Author: Owen Mercer, Markets and Finance Editor
Published: Draft
Source: TechCrunch
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
CISA invokes emergency powers to mandate remediation by 11 June 2026 as ransomware group exploits digital gatekeepers

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a mandatory directive requiring all civilian federal agencies to remediate a vulnerability in Check Point Software’s remote access tools, firewalls, and virtual private networks by 11 June 2026. The order was enacted under Binding Operational Directive (BOD) 22-01, which empowers the agency to mandate security actions when an active cyber threat targets government networks.

Check Point Software confirmed that the unpatched flaw is being actively exploited by the Qilin ransomware group to compromise digital gatekeepers used by enterprises worldwide. The vendor reported that the exploitation activity began on 7 May 2026, with a notable increase in attacks reported in the week leading up to the CISA directive. According to the company, the flaw has been used to breach a few dozen targeted organisations globally.

The directive specifically impacts major US government bodies, including the Department of Homeland Security, the Department of State, and the Treasury. CISA stated that agencies must fix any instances where they are using the affected Check Point products by the end of the day on 11 June. The urgency stems from the direct risk the vulnerability poses to the federal government’s enterprise network infrastructure.

CISA’s invocation of BOD 22-01 underscores the severity of the threat, allowing the agency to bypass standard procurement or update cycles in favour of immediate remediation. The mandate applies to all civilian federal agencies using the affected Check Point security tools, ensuring a coordinated defence against the ransomware group’s activities.

While the directive focuses on federal agencies, the broader context involves the global scale of the exploitation. Check Point’s confirmation highlights the widespread reliance on its remote access solutions and the critical nature of patching these digital gatekeepers to prevent unauthorised network access and subsequent ransomware deployment.
