Research, News, and Perspectives

Ransomware

BERT Ransomware Group Targets Asia and Europe on Multiple Platforms

BERT is a newly emerged ransomware group that pairs simple code with effective execution—carrying out attacks across Europe and Asia. In this entry, we examine the group’s tactics, how their variants have evolved, and the tools they use to get past defenses and speed up encryption across platforms.

Jul 07, 2025

Save to Folio

Jul 07, 2025

Save to Folio

Cyber Threats

AI Dilemma: Emerging Tech as Cyber Risk Escalates

As AI adoption accelerates, businesses face mounting cyber threats—and urgent choices about secure implementation

Latest News Jul 03, 2025

Save to Folio

Latest News Jul 03, 2025

Save to Folio

Compliance & Risks

Why Trend Micro Continues to be Named a CNAPP Leader

Trend Micro is recognized for our Cloud CNAPP capabilities and product strategy—affirming our vision to deliver a cloud security solution that predicts, protects, and responds to threats across hybrid and multi-cloud environments.

Reports Jun 27, 2025

Save to Folio

Reports Jun 27, 2025

Save to Folio

Phishing

How to Build an Effective Security Awareness Program

This is a step-by-step guide to build a strong security awareness and training program that empowers your employees and protects your business.

How To Jun 27, 2025

Save to Folio

How To Jun 27, 2025

Save to Folio

Artificial Intelligence (AI)

Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent

A single SQL injection bug in Anthropic’s SQLite MCP server—forked over 5,000 times—can seed stored prompts, exfiltrate data, and hand attackers the keys to entire agent workflows. This entry unpacks the attack chain and lays out concrete fixes to shut it down.

Jun 24, 2025

Save to Folio

Jun 24, 2025

Save to Folio

Exploits & Vulnerabilities

An Investigation of AWS Credential Exposure via Overprivileged Containers

Overprivileged or misconfigured containers in Amazon EKS can expose sensitive AWS credentials to threats like packet sniffing and API spoofing, highlighting the need for least privilege and proactive security to detect and reduce these risks.

Research Jun 19, 2025

Save to Folio

Research Jun 19, 2025

Save to Folio

Malware

Uncovering a Tor-Enabled Docker Exploit

A recent attack campaign took advantage of exposed Docker Remote APIs and used the Tor network to deploy a stealthy cryptocurrency miner. This blog breaks down the attack chain.

Research Jun 18, 2025

Save to Folio

Research Jun 18, 2025

Save to Folio

Exploits & Vulnerabilities

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.

Research Jun 17, 2025

Save to Folio

Research Jun 17, 2025

Save to Folio

APT & Targeted Attacks

Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub

The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.

Investigations Jun 16, 2025

Save to Folio

Investigations Jun 16, 2025

Save to Folio

Ransomware

Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper

Anubis is an emerging ransomware-as-a-service (RaaS) group that adds a destructive edge to the typical double-extortion model with its file-wiping feature. We explore its origins and examine the tactics behind its dual-threat approach.

Jun 13, 2025

Save to Folio

Jun 13, 2025

Save to Folio