Research, News, and Perspectives

Exploits & Vulnerabilities

An Investigation of AWS Credential Exposure via Overprivileged Containers

Overprivileged or misconfigured containers in Amazon EKS can expose sensitive AWS credentials to threats like packet sniffing and API spoofing, highlighting the need for least privilege and proactive security to detect and reduce these risks.

Research Jun 19, 2025

Save to Folio

Research Jun 19, 2025

Save to Folio

Malware

Uncovering a Tor-Enabled Docker Exploit

A recent attack campaign took advantage of exposed Docker Remote APIs and used the Tor network to deploy a stealthy cryptocurrency miner. This blog breaks down the attack chain.

Research Jun 18, 2025

Save to Folio

Research Jun 18, 2025

Save to Folio

Exploits & Vulnerabilities

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.

Research Jun 17, 2025

Save to Folio

Research Jun 17, 2025

Save to Folio

APT & Targeted Attacks

Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub

The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.

Investigations Jun 16, 2025

Save to Folio

Investigations Jun 16, 2025

Save to Folio

Ransomware

Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper

Anubis is an emerging ransomware-as-a-service (RaaS) group that adds a destructive edge to the typical double-extortion model with its file-wiping feature. We explore its origins and examine the tactics behind its dual-threat approach.

Jun 13, 2025

Save to Folio

Jun 13, 2025

Save to Folio

Exploits & Vulnerabilities

Critical SAP Vulnerability Exposes Enterprises

CVE-2025-31324 in SAP NetWeaver Visual Composer enables unauthenticated file uploads, exposing systems to RCE and data loss - learn what to do about it.

Expert Perspective Jun 12, 2025

Save to Folio

Expert Perspective Jun 12, 2025

Save to Folio

Compliance & Risks

Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity

Learn how Trend Micro and NEOM McLaren Formula E Team turn creativity into innovation by rethinking team structures, workflows, and data use.

Expert Perspective Jun 11, 2025

Save to Folio

Expert Perspective Jun 11, 2025

Save to Folio

Artificial Intelligence (AI)

Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices

Learn how Trend's Cybertron has been harnessing the power of NVIDIA Universal LLM NIM Microservices.

Expert Perspective Jun 11, 2025

Save to Folio

Expert Perspective Jun 11, 2025

Save to Folio

Operation Secure: Trend Micro's Threat Intelligence Fuels INTERPOL's Infostealer Infrastructure Takedown 

In this blog, we discuss how Trend Micro played a pivotal role in Operation Secure, a multi-national law enforcement effort that dismantled the infrastructure behind widespread infostealer malware campaigns across Asia and the Pacific.

Latest News Jun 11, 2025

Save to Folio

Latest News Jun 11, 2025

Save to Folio

Artificial Intelligence (AI)

Keeping Pace and Embracing Emerging Technologies

Trend Micro and the NEOM McLaren Formula E Team stay ahead of the curve by embracing new technologies, fostering a no-blame culture, and making split-second decisions in high-stakes environments.

Expert Perspective Jun 09, 2025

Save to Folio

Expert Perspective Jun 09, 2025

Save to Folio