Research, News, and Perspectives

Cyber Threats

AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows

In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis.

Latest News 2025/12/08

Save to Folio

Latest News 2025/12/08

Save to Folio

Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know

CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks (see the context section for a more exhaustive list of affected frameworks).

Research 2025/12/05

Save to Folio

Research 2025/12/05

Save to Folio

Compliance & Risks

Project View: A New Era of Prioritized and Actionable Cloud Security

In today's cloud-first world, security teams face an overwhelming flood of alerts, fragmented visibility, and reactive workflows. The complexity of modern cloud environments—spanning multi-cloud deployments, ephemeral assets, and decentralized ownership—demands a new approach to risk management.

How To 2025/12/04

Save to Folio

How To 2025/12/04

Save to Folio

Malware

ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading

Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry.

Latest News 2025/12/03

Save to Folio

Latest News 2025/12/03

Save to Folio

Phishing

Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp

Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind Water Saci are quickly upgrading their malware delivery and propagation methods across WhatsApp in Brazil.

Research 2025/12/02

Save to Folio

Research 2025/12/02

Save to Folio

Cyber Threats

What’s your CNAPP maturity?

More and more enterprises are opting for cloud-native application protection platforms (CNAPPs) instead of complex and hard-to-manage cloud security point solutions. Find out where your organization is on its CNAPP maturity journey.

Consumer Focus 2025/12/01

Save to Folio

Consumer Focus 2025/12/01

Save to Folio

Compliance & Risks

Elevate Your Cloud Security Strategy

Learn to elevate your cloud security strategy & overcome complexity with Vision One™.

Security Strategies 2025/12/01

Save to Folio

Security Strategies 2025/12/01

Save to Folio

Cyber Threats

Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems

Shai-hulud 2.0 campaign features a sophisticated variant capable of stealing credentials and secrets from major cloud platforms and developer services, while automating the backdooring of NPM packages maintained by victims. Its advanced tactics enable rapid, stealthy propagation across the software supply chain, putting countless downstream users at risk.

Latest News 2025/11/27

Save to Folio

Latest News 2025/11/27

Save to Folio

Exploits & Vulnerabilities

Trend & AWS Partner on Cloud IPS: One-Click Protection

In the race to secure cloud infrastructure, intrusion prevention systems (IPS) remain one of the most critical yet complex at the cloud network layer of defense. For many organizations, deploying IPS in the cloud is a balancing act between agility and control.

Latest News 2025/11/20

Save to Folio

Latest News 2025/11/20

Save to Folio

Ransomware

Breaking Down S3 Ransomware: Variants, Attack Paths and Trend Vision One™ Defenses

In this blog entry, Trend™ Research explores how ransomware actors are shifting their focus to cloud-based assets, including the tactics used to compromise business-critical data in AWS environments.

Research 2025/11/18

Save to Folio

Research 2025/11/18

Save to Folio