What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
Summary In May 2026, SHADOW-AETHER-015 exposed data from 8,809 Canvas customers across 50 countries in what appears to be a...
Summary In May 2026, SHADOW-AETHER-015 exposed data from 8,809 Canvas customers across 50 countries in what appears to be a...
Government Agencies Deliver on Pillars 1 Through 3 In our previous blog, we applauded the White House Office of the...
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise | Trend Micro (US) Content has been added...
Conclusion The QLNX implant was built for long-term stealth and credential theft. What makes it particularly dangerous is not any...
Kuse Web App Abused to Host Phishing Document | Trend Micro (US) Content has been added to your Folio Go...
In some compromised repositories, we observed both techniques being present simultaneously (i.e., the malicious .vscode/tasks.json alongside the appended obfuscated JavaScript)....
Identity has become the primary attack surface in modern enterprises. As organizations expand across cloud platforms, SaaS ecosystems, and distributed...
The first quarter of 2026 has reinforced a hard truth: U.S. government agencies and educational institutions are operating in the...
Key takeaways: Attackers rapidly leveraged the Claude Code packaging error incident to distribute credential-stealing malware using fake GitHub repositories. This demonstrates how quickly threat actors can...
While the immediate threat is the social engineering campaign delivering Vidar, the leaked source code itself presents a distinct and...
TrendAI would like to commend the White House Office of the National Cyber Director (ONCD), led by Sean Cairncross, and...
The ownership problem no one talks about One of the biggest risks in vibe coding isn’t that nobody owns the...
TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats | Trend Micro (US) Content has been added...
The Telnyx compromise indicates a continued change in the techniques used in TeamPCP’s supply‑chain activity, with adjustments to tooling, delivery...
Attribution analysis Based on technical artifacts, infrastructure overlaps, and victimology, TrendAI™ Research attributes this campaign to Pawn Storm with high confidence. This...