Research, News, and Perspectives

Cyber Threats

Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan

Trend™ Research discusses the evolving tradecraft of threat actor Earth Ammit, proven by the advanced toolset used in its TIDRONE and VENOM campaigns that targeted the drone supply chain.

Research May 13, 2025

Save to Folio

Research May 13, 2025

Save to Folio

Ransomware

Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal

During our monitoring of Agenda ransomware activities, we uncovered campaigns that made use of the SmokeLoader malware and a new loader we've named NETXLOADER.

Research May 07, 2025

Save to Folio

Research May 07, 2025

Save to Folio

Artificial Intelligence (AI)

Exploring PLeak: An Algorithmic Method for System Prompt Leakage

What is PLeak, and what are the risks associated with it? We explored this algorithmic technique and how it can be used to jailbreak LLMs, which could be leveraged by threat actors to manipulate systems and steal sensitive data.

Research May 01, 2025

Save to Folio

Research May 01, 2025

Save to Folio

APT & Targeted Attacks

Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan

This blog discusses the latest modifications observed in Earth Kasha’s TTPs from their latest campaign detected in March 2025 targeting Taiwan and Japan.

Research Apr 30, 2025

Save to Folio

Research Apr 30, 2025

Save to Folio

Exploits & Vulnerabilities

NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk

Trend Research uncovered misconfigurations in NVIDIA Riva deployments, with two vulnerabilities, CVE-2025-23242 and CVE-2025-23243, contributing to their exposure. These security flaws could lead to unauthorized access, resource abuse, and potential misuse or theft of AI-powered inference services, including speech recognition and text-to-speech processing.

Research Apr 28, 2025

Save to Folio

Research Apr 28, 2025

Save to Folio

APT & Targeted Attacks

Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors

An APT group dubbed Earth Kurma is actively targeting government and telecommunications organizations in Southeast Asia using advanced malware, rootkits, and trusted cloud services to conduct cyberespionage.

Research Apr 25, 2025

Save to Folio

Research Apr 25, 2025

Save to Folio

Cyber Threats

Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations

In this blog entry, we discuss how North Korea's significant role in cybercrime – including campaigns attributed to Void Dokkaebi – is facilitated by extensive use of anonymization networks and the use of Russian IP ranges.

Research Apr 23, 2025

Save to Folio

Research Apr 23, 2025

Save to Folio

Malware

FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE

This blog details our investigation of malware samples that conceal within them a FOG ransomware payload.

Research Apr 21, 2025

Save to Folio

Research Apr 21, 2025

Save to Folio

Ransomware

CrazyHunter Campaign Targets Taiwanese Critical Sectors

This blog entry details research on emerging ransomware group CrazyHunter, which has launched a sophisticated campaign aimed at Taiwan's essential services.

Research Apr 16, 2025

Save to Folio

Research Apr 16, 2025

Save to Folio

Cloud

Strengthen Security with Cyber Risk Advisory

In today’s fast-paced digital world, cyber threats are constantly evolving. Attackers are leveraging advanced techniques and artificial intelligence (AI) to exploit vulnerabilities, leaving organizations vulnerable to breaches and disruptions. To combat these challenges, organizations must stay vigilant and implement more proactive cybersecurity measures. This is where our Cyber Risk Advisory service, powered by the Trend Vision One™ Cyber Risk Exposure Management (CREM) solution, step in to provide a strategic edge.

Latest News Apr 15, 2025

Save to Folio

Latest News Apr 15, 2025

Save to Folio