Vulnerabilities & Exploits

Beware of MCP Hardcoded Credentials: A Perfect Target for Threat Actors

August 13, 2025

Poor secret management in MCP servers can lead to serious consequences, including data breaches and supply chain attacks. This article examines the reality of these unsecure configurations and offers practical recommendations that minimize the chances of exposure.

PAGES:
1
2
3
4
5
6
7

Lessons in Resilience from the Race to Patch SharePoint Vulnerabilities
August 07, 2025
In this article, Trend Micro discusses how the fast-moving attacks using CVE-2025-53770 and CVE-2025-53771 have underscored the essential role of virtual patching and reliable intelligence in protecting organizations against evolving threats.
Read more
Unveiling AI Agent Vulnerabilities Part V: Securing LLM Services
May 28, 2025
To conclude our series on agentic AI, this article examines emerging vulnerabilities that threaten AI agents, focusing on providing proactive security recommendations on areas such as code execution, data exfiltration, and database access.
Read more
Unveiling AI Agent Vulnerabilities Part IV: Database Access Vulnerabilities
May 21, 2025
How can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.
Read more
Cellular IoT Vulnerabilities: Another Door to Cellular Networks
October 31, 2024
Cellular IoT vulnerabilities show an increasing trend over the years, indicating that these devices are becoming more and more popular — and that they are being targeted more frequently.
Read more
UNWIRED: Understanding the Unforeseen Risks in Evolving Communication Channels
September 03, 2024
This article outlines the strategic risks linked to the growth of natively connected internet of things (IoT) devices that operate outside traditional cybersecurity controls.
Read more
Pushing the Outer Limits: Trend Micro 2024 Midyear Cybersecurity Threat Report
August 15, 2024
With the goal of creating fast, evasive, and sophisticated threats and campaigns, malicious actors are always on the prowl for new technologies to abuse, significant world events to exploit, and mismanaged and vulnerable assets to compromise.
Read more
Today’s Cloud and Container Misconfigurations Are Tomorrow’s Critical Vulnerabilities
August 06, 2024
It’s projected that by 2027, more than 90% of global organizations will be running containerized applications, while 63% of enterprises already adopted a cloud-native strategy in their businesses in 2023.
Read more
The Mirage of AI Programming: Hallucinations and Code Integrity
July 25, 2024
The adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.
Read more
Kong API Gateway Misconfigurations: An API Gateway Security Case Study
May 21, 2024
Tools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach. In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway — Kong.
Read more

PAGES:
1
2
3
4
5
6
7

Vulnerabilities & Exploits

Beware of MCP Hardcoded Credentials: A Perfect Target for Threat Actors

Lessons in Resilience from the Race to Patch SharePoint Vulnerabilities

Unveiling AI Agent Vulnerabilities Part V: Securing LLM Services

Unveiling AI Agent Vulnerabilities Part IV: Database Access Vulnerabilities

Cellular IoT Vulnerabilities: Another Door to Cellular Networks

UNWIRED: Understanding the Unforeseen Risks in Evolving Communication Channels

Pushing the Outer Limits: Trend Micro 2024 Midyear Cybersecurity Threat Report

Today’s Cloud and Container Misconfigurations Are Tomorrow’s Critical Vulnerabilities

The Mirage of AI Programming: Hallucinations and Code Integrity

Kong API Gateway Misconfigurations: An API Gateway Security Case Study

Resources

Support

About Trend

Country Headquarters