Research, News, and Perspectives

Sztuczna inteligencja (AI)

GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026

This year’s Pwn2Own competition in Berlin revealed just how much of the AI stack remains exposed -- and the gap between what these tools promise and what they can withstand point to the fragile security foundations underneath.

Latest News Jun 10, 2026

Save to Folio

Latest News Jun 10, 2026

Save to Folio

APT i ataki ukierunkowane

Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open

Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, showing how unmanaged software keeps an exploited entry point open long after the fix ships.

Research Jun 08, 2026

Save to Folio

Research Jun 08, 2026

Save to Folio

Exploity i luki w zabezpieczeniach

Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet

47 zero-days fell at Pwn2Own Berlin 2026 for US$1,298,250 in payouts. TrendAI™ was on the ground all three days — here's what we saw.

Latest News Jun 01, 2026

Save to Folio

Latest News Jun 01, 2026

Save to Folio

Zgodność z przepisami i ryzyko

Making Cyber Risk Measurable: Why Risk Assessment and Compliance Must Go Hand in Hand

Today, most organizations already have a broad range of modern security solutions in place, yet many still struggle with a lack of meaningful visibility. The challenge is no longer collecting more security data.

Expert Perspective May 27, 2026

Save to Folio

Expert Perspective May 27, 2026

Save to Folio

Cyberprzestępczość

Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet

TrendAI™ Research analyzed an intrusion where threat actors used the EtherHiding technique to route ClearFake payload delivery through smart contracts on the BNB Smart Chain testnet. The attack chain ended with two simultaneously deployed stealers, SectopRAT and ACRStealer alongside an on-chain execution tracker that confirmed each victim compromise in real time.

Latest News May 26, 2026

Save to Folio

Latest News May 26, 2026

Save to Folio

Złośliwe oprogramowanie

Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware

Void Dokkaebi, a North Korea-aligned intrusion set, has updated its information-stealing malware, InvisibleFerret, shifting its delivery format to evade script-based detections.

Research May 22, 2026

Save to Folio

Research May 22, 2026

Save to Folio

Cyberprzestępczość

One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign

A solo Russian-speaking threat actor ran a 5-year Telegram channel and, starting September 2025, used AI to automate its content, credential theft, and a cryptocurrency fraud scheme targeting American audiences.

Research May 21, 2026

Save to Folio

Research May 21, 2026

Save to Folio

Cyberzagrożenia

Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud

In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data.

Latest News May 19, 2026

Save to Folio

Latest News May 19, 2026

Save to Folio

Sztuczna inteligencja (AI)

Agentic Governance: Why It Matters Now

AI agents now act inside the trust boundary with real credentials, and agentic governance is what keeps them from quietly breaking things at machine speed.

May 18, 2026

Save to Folio

May 18, 2026

Save to Folio

Cyberzagrożenia

Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft

Our research examines the April 22 Checkmarx KICS and April 24 elementary-data incidents as part of a broader TeamPCP supply chain campaign. Across both cases, the actor abused trusted CI/CD and release workflows to steal credentials at scale.

Research May 13, 2026

Save to Folio

Research May 13, 2026

Save to Folio