Research, News, and Perspectives

Phishing

Enhancing security awareness with cyber risk exposure management

Learn how to strategically tackle human risk for smarter prioritisation and lasting behavioural change.

Security Strategies Dec 15, 2025

Save to Folio

Security Strategies Dec 15, 2025

Save to Folio

Compliance & Risks

Cyber Risk Management: Defenders Tell It Like It Is

Based on more than 3,000 responses from cybersecurity professionals in nearly 90 countries, our Trend Micro Defenders Survey Report 2025 shines a bright light on the current state of cyber risk management. From the impact of cloud and AI on IT environments to top technical and human challenges, this year’s findings have a lot to say about the pressures security teams are under and what organisations are doing to tighten their grip on cyber risk.

Annual Predictions Dec 15, 2025

Save to Folio

Annual Predictions Dec 15, 2025

Save to Folio

Phishing

SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics

In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detected and thwarted by the Trend Vision One™ platform.

Latest News Dec 11, 2025

Save to Folio

Latest News Dec 11, 2025

Save to Folio

Compliance & Risks

Trend Vision One™ Integration with AWS Security Hub CSPM: Unifying Cloud Security

The integration between Trend Vision One and Security Hub CSPM is exactly that, two powerful platforms enhancing each other to keep your AWS infrastructure protected.

How To Dec 10, 2025

Save to Folio

How To Dec 10, 2025

Save to Folio

Cloud

Trend Vision One™ Stacks Up Against Scattered Spider and Mustang Panda in 2025 MITRE ATT&CK® Evaluations

Enterprise 2025 introduces the first full cloud adversary emulation and expanded multi-platform testing, focusing on two advanced threat areas: Scattered Spider’s cloud-centric attacks and Mustang Panda’s long-term espionage operations.

Latest News Dec 10, 2025

Save to Folio

Latest News Dec 10, 2025

Save to Folio

Exploits & Vulnerabilities

CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation

CVE-2025-55182 is a CVSS 10.0 pre-authentication RCE affecting React Server Components. Amid the flood of fake proof-of-concept exploits, scanners, exploits, and widespread misconceptions, this technical analysis intends to cut through the noise.

Latest News Dec 10, 2025

Save to Folio

Latest News Dec 10, 2025

Save to Folio

We Don’t Just Respond to Change, We Shape It Together

By Christina Decker, Director Strategic Channels Europe, Trend Micro

Expert Perspective Dec 09, 2025

Save to Folio

Expert Perspective Dec 09, 2025

Save to Folio

Cyber Threats

AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows

In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis.

Latest News Dec 08, 2025

Save to Folio

Latest News Dec 08, 2025

Save to Folio

Exploits & Vulnerabilities

Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know

CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks (see the context section for a more exhaustive list of affected frameworks).

Research Dec 05, 2025

Save to Folio

Research Dec 05, 2025

Save to Folio

Compliance & Risks

Project View: A New Era of Prioritised and Actionable Cloud Security

In today's cloud-first world, security teams face an overwhelming flood of alerts, fragmented visibility, and reactive workflows. The complexity of modern cloud environments—spanning multi-cloud deployments, ephemeral assets, and decentralised ownership—demands a new approach to risk management.

How To Dec 04, 2025

Save to Folio

How To Dec 04, 2025

Save to Folio