Research, News, and Perspectives

Artificial Intelligence (AI)

Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise

TeamPCP orchestrated the first publicly documented multi-ecosystem supply chain campaign specifically targeting AI infrastructure. The concentration of high-value credentials in a small number of widely adopted packages makes the AI ecosystems a high-value target for this class of attack.

Latest News Mar 26, 2026

Save to Folio

Latest News Mar 26, 2026

Save to Folio

APT & Targeted Attacks

Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities

This blog discusses the steganography, cloud abuse, and email-based backdoors used against the Ukrainian defense supply chain in the latest Pawn Storm campaign that TrendAI™ Research observed and analyzed.

Latest News Mar 26, 2026

Save to Folio

Latest News Mar 26, 2026

Save to Folio

Malware

Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries

We look into a stealthy multi‑stage attack campaign that delivers PureLog Stealer entirely in memory using encrypted, fileless techniques.

Research Mar 19, 2026

Save to Folio

Research Mar 19, 2026

Save to Folio

Compliance & Risks

Why East-West Visibility Matters for Grid Security

Learn how east-west traffic visibility helps detect and stop lateral movement attacks inside electric grid infrastructure and critical OT networks.

Consumer Focus Mar 18, 2026

Save to Folio

Consumer Focus Mar 18, 2026

Save to Folio

Cyber Threats

From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Investigations Mar 18, 2026

Save to Folio

Investigations Mar 18, 2026

Save to Folio

Cyber Crime

TrendAI™ Supports Global Law Enforcement Efforts

Learn how TrendAI™ and our researchers contributed threat intelligence and analysis to support INTERPOL against cybercrime.

Latest News Mar 16, 2026

Save to Folio

Latest News Mar 16, 2026

Save to Folio

Ransomware

Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack

Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC Yuze, and a persistent BYOVD technique leveraging the NSec driver.

Latest News Mar 16, 2026

Save to Folio

Latest News Mar 16, 2026

Save to Folio

Artificial Intelligence (AI)

Securing Autonomous AI Agents with TrendAI & NVIDIA OpenShell

Learn how TrendAI and NVIDIA OpenShell help secure autonomous AI agents and build trusted enterprise AI systems with stronger visibility and control.

Latest News Mar 16, 2026

Save to Folio

Latest News Mar 16, 2026

Save to Folio

Malware

Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites

Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix technique.

Research Mar 10, 2026

Save to Folio

Research Mar 10, 2026

Save to Folio

Artificial Intelligence (AI)

CISOs in a Pinch: A Security Analysis of OpenClaw

Learn about OpenClaw (a sovereign agent) and how this can be viable for enterprises.

Expert Perspective Mar 10, 2026

Save to Folio

Expert Perspective Mar 10, 2026

Save to Folio