Trend Micro Research: Latest News

PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM

2026-06-19 at 06:49. A pre-authentication remote code execution (RCE) chain in Oracle PeopleSoft PeopleTools abuses the Integration Broker’s PSIGW gateway to execute code inside the application server’s Java virtual machine (JVM), evading behavioral and network sensors. This article is an excerpt […]


Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign

2026-06-18 at 05:51. Cybercriminals hijacked Google Ads searches for popular AI developer tools to funnel over 2,000 victims toward malicious download pages before quietly moving their operation onto claude.ai’s own platform, turning the trusted domain into a delivery mechanism for credential-stealing malware. This article


GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026

2026-06-11 at 05:32. This year’s Pwn2Own competition in Berlin revealed just how much of the AI stack remains exposed — and the gap between what these tools promise and what they can withstand points to the fragile security foundations underneath. This article is an


Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI’s Biggest AI Showdown Yet

2026-06-01 at 20:16. 47 zero-days fell at Pwn2Own Berlin 2026 for US$1,298,250 in payouts. TrendAI™ was on the ground all three days — here’s what we saw. This article is an excerpt from Trend Micro Research, News and Perspectives View Original


Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet

2026-05-26 at 17:32. TrendAI™ Research analyzed an intrusion where threat actors used the EtherHiding technique to route ClearFake payload delivery through smart contracts on the BNB Smart Chain testnet. The attack chain ended with two simultaneously deployed stealers, SectopRAT and ACRStealer


Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud

2026-05-19 at 16:58. In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data. This article is an excerpt from Trend Micro Research, News


Identity Protection in the AI Era

2026-04-15 at 23:09. Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


TrendAI Insight: New U.S. National Cyber Strategy

2026-04-03 at 11:01. TrendAI reviews the White House National Cyber Strategy, outlining six pillars to strengthen U.S. cybersecurity—from deterrence and regulation to federal modernization, critical infrastructure protection, AI leadership, and workforce development. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats

2026-03-31 at 16:05. TrendAI™ Research explored agentic AI cybercrime and EV infrastructure security through two research sessions at RSAC 2026. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities

2026-03-26 at 06:26. This blog discusses the steganography, cloud abuse, and email-based backdoors used against the Ukrainian defense supply chain in the latest Pawn Storm campaign that TrendAI™ Research observed and analyzed. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack

2026-03-16 at 15:10. Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC, Yuze, and a persistent BYOVD technique leveraging the NSec driver. This article is an excerpt from Trend Micro Research,


TrendAI™ at [un]prompted 2026: From KYC Exploits to Agentic Defense

2026-03-09 at 08:32. At [un]prompted 2026, TrendAI™ demonstrated how documents can be used to exploit AI-driven KYC pipelines and introduced FENRIR, an automated system for discovering AI vulnerabilities at scale. This article is an excerpt from Trend Micro Research, News and Perspectives View Original


Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations

2026-03-04 at 21:05. Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass services using adversary-in-the-middle (AitM) proxying. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


Introducing ÆSIR: Finding Zero-Day Vulnerabilities at the Speed of AI

2026-01-15 at 19:58. TrendAI™’s ÆSIR platform combines AI automation with expert oversight to discover zero-day vulnerabilities in AI infrastructure – 21 CVEs across NVIDIA, Tencent, and MLflow since mid-2025. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics

2025-12-12 at 01:12. In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detected and thwarted by the Trend Vision One™ platform. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source


CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation

2025-12-10 at 08:53. CVE-2025-55182 is a CVSS 10.0 pre-authentication RCE affecting React Server Components. Amid the flood of fake Proof-of-concept exploits, scanners, exploits, and widespread misconceptions, this technical analysis intends to cut through the noise. This article is an excerpt from Trend Micro Research, News and


AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows

2025-12-08 at 13:58. In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis. This article is an excerpt from Trend Micro Research, News


ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading

2025-12-03 at 23:11. Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry. This article is an excerpt from Trend


Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems

2025-11-27 at 14:02. Shai-hulud 2.0 campaign features a sophisticated variant capable of stealing credentials and secrets from major cloud platforms and developer services, while automating the backdooring of NPM packages maintained by victims. Its advanced tactics enable rapid, stealthy propagation across the software supply chain, putting


Trend & AWS Partner on Cloud IPS: One-Click Protection

2025-11-20 at 08:46. In the race to secure cloud infrastructure, intrusion prevention systems (IPS) remain one of the most critical yet complex at the cloud network layer of defense. For many organizations, deploying IPS in the cloud is a balancing act between agility and control.

