Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
Key Takeaways This blog entry details research on the Agenda ransomware group’s use of SmokeLoader and a new loader, which...
Trend Micro Research : Research
Exploring PLeak: An Algorithmic Method for System Prompt Leakage
Key Takeaways We took a deep dive into the concept of Prompt Leakage (PLeak) by developing strings for jailbreaking system...
Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan
Conclusion and security recommendations Earth Kasha continues to be an active advanced persistent threat and is now targeting government agencies...
NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk
NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk | Trend Micro (US) Content has been added to...
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
Upon consolidation of all documents into a secure archive protected by a password, typically named after the host name, the...
Role of Russian Infrastructure in Cybercrime Operations Linked to North Korea
Research Trends have detected various IP address ranges in Russia employed for cyber criminality in collaboration with North Korea. These...
FOG Ransomware Propagated by Hackers Alleging Connections to DOGE
Confirmation has been made that the ransomware payload incorporated in the identified samples is indeed FOG ransomware and is identified...
IntensePredator Campaign Targets Vital Sectors in Taiwan
Main highlights IntensePredator has emerged as a notable ransomware menace, focusing specifically on Taiwanese entities, primarily within healthcare, academia, and...
ZDI-23-1527 and ZDI-23-1528: The Potential Implication of Excessively Lenient SAS Tokens on PC Manager Supply Chains
Below are the comments from Microsoft for researchers interested in similar research endeavors: Breaching Microsoft Azure Bounty Rules of Engagement...
BPFDoor’s Covert Manipulator Deployed Against Targets in Asia and the Middle East
Main Points BPFDoor functions as a government-backed backdoor intended for conducting cyberespionage operations. In our exploration of BPFDoor assaults, we unearthed...
NVIDIA Patch Inadequately Addressing CVE-2024-0132 Puts AI Infrastructure and Data at Signficant Risk
NVIDIA Patch Inadequately Addressing CVE-2024-0132 Puts AI Infrastructure and Data at Signficant Risk | Trend Micro (US) Content has been...
Diving Deeper into the Covert Arsenal of Earth Alux: An Intimate Examination of its Cutting-edge Strategies
VirTest enables users to precisely identify codes in their tools responsible for triggering file-based detections from security software and then...
CVE-2025-26633: How Water Gamayun Utilizes MUIPath in MSC EvilTwin Weaponization
The utilization of these methods by Water Gamayun goes beyond this loader, extending to other components where they are extensively...
Albabat Unhappiness Collective Possibly Broadens Targets to Various Operating Systems, Utilizes GitHub to Simplify Operations
Upon deciphering it, we can enhance our comprehension of the ransomware's setup. The revision of Albabat overlooks the subsequent directories: Searches,...
The Tactics of SocGholish’s Invasion Help in Spreading RansomHub Ransomware
Recommendations for Safety In order to deal with SocGholish infections as significant incidents, security and response teams should promptly take...
