Check Point disclosed that a zero-day authentication bypass in its VPN software was actively exploited by the Qilin ransomware group for weeks before a patch landed. Attackers used the flaw to connect without passwords, giving them direct network entry for encryption campaigns. The bug sat unpatched for roughly a month, letting Qilin operators move faster than defenders could respond.

The Noise

Headlines frame the incident as another routine zero-day scare. In reality...