Identity Protection in the AI Era
Identity has become the primary attack surface in modern enterprises. As organizations expand across cloud platforms, SaaS ecosystems, and distributed...
Trend Micro Research : Articles, News, Reports
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026
The first quarter of 2026 has reinforced a hard truth: U.S. government agencies and educational institutions are operating in the...
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Key takeaways: Attackers rapidly leveraged the Claude Code packaging error incident to distribute credential-stealing malware using fake GitHub repositories. This demonstrates how quickly threat actors can...
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
While the immediate threat is the social engineering campaign delivering Vidar, the leaked source code itself presents a distinct and...
TrendAI Insight: New U.S. National Cyber Strategy
TrendAI would like to commend the White House Office of the National Cyber Director (ONCD), led by Sean Cairncross, and...
The Real Risk of Vibecoding
The ownership problem no one talks about One of the biggest risks in vibe coding isn’t that nobody owns the...
TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats
TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats | Trend Micro (US) Content has been added...
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
The Telnyx compromise indicates a continued change in the techniques used in TeamPCP’s supply‑chain activity, with adjustments to tooling, delivery...
Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities
Attribution analysis Based on technical artifacts, infrastructure overlaps, and victimology, TrendAI™ Research attributes this campaign to Pawn Storm with high confidence. This...
Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries
The infection begins when the victim manually executes a file disguised as a legal notice: Dokumentation über Verstöße gegen Rechte...
Why East-West Visibility Matters for Grid Security
Electric power infrastructure is becoming more connected than ever before. Organizations responsible for operating the Bulk Electric System (BES) are...
TrendAI™ Supports Global Law Enforcement Efforts
Serious fraud and cybercrime know no boundaries — jurisdictional or otherwise. Criminal gangs operate with impunity across borders, often leaving...
Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack
Following initial access, the threat actors conducted extensive lateral movement using a combination of legitimate administration tools and credential abuse....
Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites
While the execution of the bytecode was not successful in our tests, we saw that it contains strings and a...
CISOs in a Pinch: A Security Analysis of OpenClaw
The viral rise of OpenClaw (formerly Clawdbot) marks the end of the "chatbot" era and the beginning of the "sovereign...
