A previously unknown security flaw in Check Point's VPN software has been exploited by ransomware attackers, leaving UK businesses and organisations vulnerable to cyber threats.
The issue, which has been described as a 0-day vulnerability, was first identified on May 7 and remained unaddressed for over a month, allowing attackers to gain access to networks and demand ransom.
Check Point, the Israeli cybersecurity company responsible for the affected software, has since released a fix for the vulnerability, which is now available to users.
However, the delay in addressing the issue may have left organisations exposed to potential disruption, with some affected by ransomware attacks attributed to the Qilin ransomware affiliate.
The UK's National Cyber Security Centre (NCSC) has been made aware of the situation and is advising organisations to apply the necessary patches and updates to their VPN software.
An NCSC spokesperson said: 'We are aware of the issue and are working closely with Check Point to ensure that affected organisations are able to access the necessary fixes and updates.'