Trend Micro Research, News and Perspectives
What Does it Take to Manage Cloud Risk?
Learn why hybrid and multi-cloud environments are vital for IT and business success from our 2025 Trend Micro Defenders Survey.
Posted on 22 December 2025 | 12:00 am
What Cyber Defenders Really Think About AI Risk
Learn how Trend Micro's 2025 Trend Micro Defenders Survey Report highlights current AI-related cybersecurity priorities and where security professi...
Posted on 18 December 2025 | 12:00 am
Enhancing Security Awareness with Cyber Risk Exposure Management
Learn how to strategically tackle human risk for smarter prioritization and lasting behavioral change.
Posted on 15 December 2025 | 12:00 am
Cyber Risk Management: Defenders Tell It Like It Is
Based on more than 3,000 responses from cybersecurity professionals in nearly 90 countries, our Trend Micro Defenders Survey Report 2025 shines a b...
Posted on 15 December 2025 | 12:00 am
SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics
In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detect...
Posted on 11 December 2025 | 12:00 am
Trend Vision One™ Stacks Up Against Scattered Spider and Mustang Panda in 2025 MITRE ATT&CK® Evaluations
Enterprise 2025 introduces the first full cloud adversary emulation and expanded multi-platform testing, focusing on two advanced threat areas: Sca...
Posted on 10 December 2025 | 12:00 am
Trend Vision One™ Integration with AWS Security Hub CSPM: Unifying Cloud Security
The integration between Trend Vision One and Security Hub CSPM is exactly that, two powerful platforms enhancing each other to keep your AWS infras...
Posted on 10 December 2025 | 12:00 am
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection...
Posted on 8 December 2025 | 12:00 am
Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know
CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js,...
Posted on 5 December 2025 | 12:00 am
Project View: A New Era of Prioritized and Actionable Cloud Security
In today's cloud-first world, security teams face an overwhelming flood of alerts, fragmented visibility, and reactive workflows. The complexity of...
Posted on 4 December 2025 | 12:00 am
PureRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a PureRAT campaign propagated through email lev...
Posted on 3 December 2025 | 12:00 am
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind ...
Posted on 2 December 2025 | 12:00 am
What’s your CNAPP maturity?
More and more enterprises are opting for cloud-native application protection platforms (CNAPPs) instead of complex and hard-to-manage cloud securit...
Posted on 1 December 2025 | 12:00 am
Elevate Your Cloud Security Strategy
Learn to elevate your cloud security strategy & overcome complexity with Vision One™.
Posted on 1 December 2025 | 12:00 am
Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems
Shai-hulud 2.0 campaign features a sophisticated variant capable of stealing credentials and secrets from major cloud platforms and developer servi...
Posted on 27 November 2025 | 12:00 am
Trend & AWS Partner on Cloud IPS: One-Click Protection
In the race to secure cloud infrastructure, intrusion prevention systems (IPS) remain one of the most critical yet complex at the cloud network lay...
Posted on 20 November 2025 | 12:00 am
Breaking Down S3 Ransomware: Variants, Attack Paths and Trend Vision One™ Defenses
In this blog entry, Trend™ Research explores how ransomware actors are shifting their focus to cloud-based assets, including the tactics used to co...
Posted on 18 November 2025 | 12:00 am
Redefining Enterprise Defense in the Era of AI-Led Cyberattacks
More cybercriminals are turning to using autonomous AI tools to upgrade their attacks, as exemplified by the recent utilization of Anthropic’s Clau...
Posted on 14 November 2025 | 12:00 am
Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics
In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations ...
Posted on 13 November 2025 | 12:00 am
From Data Loss Prevention (DLP) to Modern Data Security
It’s time to rethink your approach
Posted on 12 November 2025 | 12:00 am
IBM Infrastructure: Continuous Risk & Compliance
Learn all about AI-powered visibility, telemetry, and proactive security across mainframe, cloud, containers, and enterprise workloads.
Posted on 12 November 2025 | 12:00 am
How are you managing cloud risk?
Learn why managing cloud risk demands unified visibility, continuous risk assessment, and efficient security operations. Discover how a full-featur...
Posted on 31 October 2025 | 12:00 am
AI Security: NVIDIA BlueField Now with Vision One™
Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField
Posted on 28 October 2025 | 12:00 am
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command ...
Posted on 27 October 2025 | 12:00 am
Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
Trend™ Research identified a sophisticated Agenda ransomware attack that deployed a Linux variant on Windows systems. This cross-platform execution...
Posted on 23 October 2025 | 12:00 am
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Trend™ Research examines the complex collaborative relationship between China-aligned APT groups via the new “Premier Pass-as-a-Service” model, exe...
Posted on 22 October 2025 | 12:00 am
Trend Micro Recognized as a Leader in The Forrester Wave™ 2025 for NAV
Unified visibility, proactive intelligence, and proven leadership in network analysis and visibility.
Posted on 22 October 2025 | 12:00 am
How Trend Micro Empowers the SOC with Agentic SIEM
By delivering both XDR leadership and Agentic SIEM innovation under one platform, Trend is redefining what security operations can be.
Posted on 21 October 2025 | 12:00 am
Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
Trend Research examines the latest version of the Vidar stealer, which features a full rewrite in C, a multithreaded architecture, and several enha...
Posted on 21 October 2025 | 12:00 am
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
A targeted underground doxxing campaign exposed alleged core members of Lumma Stealer (Water Kurita), resulting in a sharp decline in its activity ...
Posted on 16 October 2025 | 12:00 am
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits
Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit...
Posted on 15 October 2025 | 12:00 am
Trend Micro launches new integration with Zscaler to deliver real-time, Risk-Based Zero Trust Access
Discover how Trend Vision One™ integrates with Zscaler to unify detection and access enforcement, accelerate threat containment, reduce dwell time,...
Posted on 14 October 2025 | 12:00 am
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
Trend™ Research and ZDI Threat Hunters have identified a large-scale RondoDox botnet campaign exploiting over 50 vulnerabilities across more than 3...
Posted on 9 October 2025 | 12:00 am
Weaponized AI Assistants & Credential Thieves
Learn the state of AI and the NPM ecosystem with the recent s1ngularity' weaponized AI for credential theft.
Posted on 9 October 2025 | 12:00 am
A Cascade of Insecure Architectures: Axis Plugin Design Flaw Expose Select Autodesk Revit Users to Supply Chain Risk
We discovered Azure Storage Account credentials exposed in Axis Communications’ Autodesk Revit plugin, allowing unauthorized modification of cloud-...
Posted on 8 October 2025 | 12:00 am
How Your AI Chatbot Can Become a Backdoor
In this post of THE AI BREACH, learn how your Chatbot can become a backdoor.
Posted on 8 October 2025 | 12:00 am
Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users
Trend™ Research has identified an active campaign spreading via WhatsApp through a ZIP file attachment. When executed, the malware establishes per...
Posted on 3 October 2025 | 12:00 am
CNAPP is the Solution to Multi-cloud Flexibility
Cloud-native application protection platform (CNAPP) not only helps organizations protect, but offers the flexibility of multi-cloud.
Posted on 26 September 2025 | 12:00 am
Cloud Security in the CNAPP Era: Eight Important Takeaways
Eight takeaways on why Trend Vision One™ embodies the best of today’s CNAPP vision. Includes insights from 2025 Gartner® Market Guide for CNAPP
Posted on 26 September 2025 | 12:00 am
New LockBit 5.0 Targets Windows, Linux, ESXi
Trend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced o...
Posted on 25 September 2025 | 12:00 am
Domino Effect: How One Vendor's AI App Breach Toppled Giants
A single AI chatbot breach at Salesloft-Drift exposed data from 700+ companies, including security leaders. The attack shows how AI integrations ex...
Posted on 24 September 2025 | 12:00 am
This Is How Your LLM Gets Compromised
Poisoned data. Malicious LoRAs. Trojan model files. AI attacks are stealthier than ever—often invisible until it’s too late. Here’s how to catch th...
Posted on 24 September 2025 | 12:00 am
AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks
Trend™ Research’s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practice...
Posted on 23 September 2025 | 12:00 am
How AI-Native Development Platforms Enable Fake Captcha Pages
Cybercriminals are abusing AI-native platforms like Vercel, Netlify, and Lovable to host fake captcha pages that deceive users, bypass detection, a...
Posted on 19 September 2025 | 12:00 am
What We Know About the NPM Supply Chain Attack
Trend™ Research outlines the critical details behind the ongoing NPM supply chain attack and offers essential steps to stay protected against poten...
Posted on 18 September 2025 | 12:00 am
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
Combining AI-generated code and social engineering, EvilAI operators are executing a rapidly expanding campaign, disguising their malware as legiti...
Posted on 11 September 2025 | 12:00 am
What’s Your Cybersecurity Maturity?
This blog post looks at four key milestones along the cybersecurity maturity journey and poses some questions you can ask to determine the stage of...
Posted on 10 September 2025 | 12:00 am
Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed
An analysis of the Gentlemen ransomware group, which employs advanced, adaptive tactics, techniques, and procedure to target critical industries wo...
Posted on 9 September 2025 | 12:00 am
An MDR Analysis of the AMOS Stealer Campaign Targeting macOS via ‘Cracked’ Apps
Trend™ Research analyzed a campaign distributing Atomic macOS Stealer (AMOS), a malware family targeting macOS users. Attackers disguise the malwar...
Posted on 4 September 2025 | 12:00 am
Three Critical Facts About Cyber Risk Management
For CISOs responsible for cyber risk management, these three insights will help build a strong and reliable foundation for your proactive security ...
Posted on 4 September 2025 | 12:00 am