2025: The Untold Stories of Check Point Research

Check Point Research's 2025 'Untold Stories' report provides a global threat roundup documenting active APT activity, zero-day exploitation (notably ToolShell on SharePoint), phishing and AiTM campaigns, LNK and DLL side‑loading abuse, wipers and ransomware operations, and diverse regional campaigns (Americas, Europe, APAC, Middle East/Africa). The report highlights specific actors and campaigns (e.g., Kimsuky, RedCurl, Camaro Dragon, COLDRIVER, Nimbus Manticore, WIRTE), multiple malware families (PlugX, ValleyRAT, SameCoin, WhiteLock), exploited CVEs, and operational TTPs, concluding with recommendations to improve visibility across identity, cloud, and endpoints.