2303 matches found
Malicious OpenClaw Skills Used to Distribute Atomic macOS Stealer
Malicious OpenClaw skills trick AI agents and users into installing a new AMOS variant that steals extensive data at scale...
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer
Malicious OpenClaw skills trick AI agents and users into installing a new AMOS variant that steals extensive data at scale...
Spam Campaign Abuses Atlassian Jira, Targets Government and Corporate Entities
We uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls...
Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants
OpenClaw aka Clawdbot or Moltbot represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm...
U.S. Public Sector Under Siege
Discover why Government and Education must prioritize Cyber Risk Management...
Embracing Choice in Cybersecurity: TrendAI Vision One™ and SentinelOne Integration
Discover how the TrendAI Vision One and SentinelOne integration exemplifies our commitment to endpoint flexibility...
PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
PeckBirdy is a sophisticated JScript-based C&C framework used by China-aligned APT groups to exploit LOLBins across multiple environments, delivering advanced backdoors to target gambling industries and Asian government entities...
Pwn2Own: Researchers Earn $1 Million for 76 Zero-Days
Discover how TrendAI Zero Day Initiative ZDI identified critical vulnerabilities across connected vehicles, EV chargers, and automotive systems...
Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware
TrendAI™ Research provides a technical analysis of a compromised EmEditor installer used to deliver multistage malware that performs a range of malicious actions...
From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers
This blog entry provides an in-depth analysis of the multistage delivery of the Evelyn information stealer, which was used in a campaign targeting software developers...
Your 100 Billion Parameter Behemoth is a Liability
The "bigger is better" era of AI is hitting a wall. We are in an LLM bubble, characterized by ruinous inference costs and diminishing returns. The future belongs to Agentic AI powered by specialized Small Language Models SLMs. Think of it as a shift from hiring a single expensive genius to runnin...
Introducing ÆSIR: Finding Zero-Day Vulnerabilities at the Speed of AI
TrendAI™’s ÆSIR platform combines AI automation with expert oversight to discover zero-day vulnerabilities in AI infrastructure – 21 CVEs across NVIDIA, Tencent, and MLflow since mid-2025...
Key Insights on SHADOW-AETHER-015 and Earth Preta from the 2025 MITRE ATT&CK Evaluation with Trend Vision One™
This blog discusses notable modern TTPs observed from SHADOW-AETHER-015 and Earth Preta, from Trend Research™ monitoring and Trend Vision One™ intelligence. These findings support the performance of TrendAI™ in the 2025 MITRE ATT&CK Evaluations...
Key Insights on SHADOW-AETHER-015 and Earth Preta from the 2025 MITRE ATT&CK Evaluation with TrendAI Vision One™
This blog discusses notable modern TTPs observed from SHADOW-AETHER-015 and Earth Preta, from TrendAI Research™ monitoring and TrendAI Vision One™ intelligence. These findings support the performance of TrendAI™ in the 2025 MITRE ATT&CK Evaluations...
Analyzing a Multi-Stage AsyncRAT Campaign via Managed Detection and Response
Threat actors exploited Cloudflare's free-tier infrastructure and legitimate Python environments to deploy the AsyncRAT remote access trojan, demonstrating advanced evasion techniques that abuse trusted cloud services for malicious operations...
Trend Micro's Pivotal Role in INTERPOL's Operation Sentinel: Dismantling Digital Extortion Networks Across Africa
Continuing a Legacy of Successful Collaboration...
Get Executives on board with managing Cyber Risk
Learn how the 2025 Trend Micro Defenders Survey Report helps paint a clear picture of how security teams are looking to work with executive leaders to manage cyber risk...
What Does it Take to Manage Cloud Risk?
Learn why hybrid and multi-cloud environments are vital for IT and business success from our 2025 Trend Micro Defenders Survey...
What Cyber Defenders Really Think About AI Risk
Learn how Trend Micro's 2025 Trend Micro Defenders Survey Report highlights current AI-related cybersecurity priorities and where security professionals use AI to their advantage...
Cyber Risk Management: Defenders Tell It Like It Is
Based on more than 3,000 responses from cybersecurity professionals in nearly 90 countries, our Trend Micro Defenders Survey Report 2025 shines a bright light on the current state of cyber risk management. From the impact of cloud and AI on IT environments to top technical and human challenges,...
Enhancing security awareness with cyber risk exposure management
Learn how to strategically tackle human risk for smarter prioritization and lasting behavioral change...
Enhancing Security Awareness with Cyber Risk Exposure Management
Learn how to strategically tackle human risk for smarter prioritization and lasting behavioral change...
SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics
In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detected and thwarted by the Trend Vision One™ platform...
Trend Vision One™ Integration with AWS Security Hub CSPM: Unifying Cloud Security
The integration between Trend Vision One and Security Hub CSPM is exactly that, two powerful platforms enhancing each other to keep your AWS infrastructure protected...
Trend Vision One™ Stacks Up Against Scattered Spider and Mustang Panda in 2025 MITRE ATT&CK® Evaluations
Enterprise 2025 introduces the first full cloud adversary emulation and expanded multi-platform testing, focusing on two advanced threat areas: Scattered Spider’s cloud-centric attacks and Mustang Panda’s long-term espionage operations...
CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation
CVE-2025-55182 is a CVSS 10.0 pre-authentication RCE affecting React Server Components. Amid the flood of fake proof-of-concept exploits, scanners, exploits, and widespread misconceptions, this technical analysis intends to cut through the noise...
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis...
Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know
CVE-2025-55182 is a critical CVSS 10.0 pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks see the context section for a more exhaustive list of affected frameworks...
Project View: A New Era of Prioritized and Actionable Cloud Security
In today's cloud-first world, security teams face an overwhelming flood of alerts, fragmented visibility, and reactive workflows. The complexity of modern cloud environments—spanning multi-cloud deployments, ephemeral assets, and decentralized ownership—demands a new approach to risk management...
ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
PureRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a PureRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind Water Saci are quickly upgrading their malware delivery and propagation methods across WhatsApp in Brazil...
Elevate Your Cloud Security Strategy
Learn to elevate your cloud security strategy & overcome complexity with Vision One™...
What’s your CNAPP maturity?
More and more enterprises are opting for cloud-native application protection platforms CNAPPs instead of complex and hard-to-manage cloud security point solutions. Find out where your organization is on its CNAPP maturity journey...
Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems
Shai-hulud 2.0 campaign features a sophisticated variant capable of stealing credentials and secrets from major cloud platforms and developer services, while automating the backdooring of NPM packages maintained by victims. Its advanced tactics enable rapid, stealthy propagation across the softwa...
Trend & AWS Partner on Cloud IPS: One-Click Protection
In the race to secure cloud infrastructure, intrusion prevention systems IPS remain one of the most critical yet complex at the cloud network layer of defense. For many organizations, deploying IPS in the cloud is a balancing act between agility and control...
Breaking Down S3 Ransomware: Variants, Attack Paths and Trend Vision One™ Defenses
In this blog entry, Trend™ Research explores how ransomware actors are shifting their focus to cloud-based assets, including the tactics used to compromise business-critical data in AWS environments...
Redefining Enterprise Defense in the Era of AI-Led Cyberattacks
More cybercriminals are turning to using autonomous AI tools to upgrade their attacks, as exemplified by the recent utilization of Anthropic’s Claude Code, prompting an urgent need for enterprises to adopt agentic AI-driven security platforms and proactive defenses to counter AI-related threats...
Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics
In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data...
IBM Infrastructure: Continuous Risk & Compliance
Learn all about AI-powered visibility, telemetry, and proactive security across mainframe, cloud, containers, and enterprise workloads...
From Data Loss Prevention (DLP) to Modern Data Security
It’s time to rethink your approach...
How are you managing cloud risk?
Learn why managing cloud risk demands unified visibility, continuous risk assessment, and efficient security operations. Discover how a full-featured CNAPP like Trend Vision One™ Cloud Security enables organizations to move from reactive to proactive cloud protection...
AI Security: NVIDIA BlueField Now with Vision One™
Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField...
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence, and dynamically control malware...
Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
Trend™ Research identified a sophisticated Agenda ransomware attack that deployed a Linux variant on Windows systems. This cross-platform execution can make detection challenging for enterprises...
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Trend™ Research examines the complex collaborative relationship between China-aligned APT groups via the new “Premier Pass-as-a-Service” model, exemplified by the recent activities of Earth Estries and Earth Naga...
Trend Micro Recognized as a Leader in The Forrester Wave™ 2025 for NAV
Unified visibility, proactive intelligence, and proven leadership in network analysis and visibility...
Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
Trend Research examines the latest version of the Vidar stealer, which features a full rewrite in C, a multithreaded architecture, and several enhancements that warrant attention. Its timely evolution suggests that Vidar is positioning itself to occupy the space left after Lumma Stealer’s decline...
How Trend Micro Empowers the SOC with Agentic SIEM
By delivering both XDR leadership and Agentic SIEM innovation under one platform, Trend is redefining what security operations can be...
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
A targeted underground doxxing campaign exposed alleged core members of Lumma Stealer Water Kurita, resulting in a sharp decline in its activity and a migration of customers to rival infostealer platforms...