Research

As open-source AI models become foundational to digital infrastructure, hidden backdoors and tampered supply chains pose a growing, under-recognized threat that traditional security tools can fail to detect.

This report takes a comprehensive look at how deepfakes are used to support criminal business processes, what are the toolkits criminals are exploiting to power their deepfake creation, and what the deepfake underground looks like.

Cyberattacks are growing increasingly sophisticated and frequent, which is why security strategies focused solely on detection and response are no longer sufficient. This reality brings renewed attention to the importance of identifying and mitigating cyber risks before incidents occur.

Over the years, Trend Micro researchers have published articles and research papers that detail different criminal underground communities around the world. Read about their motives, ecosystems, business models, and techniques to anticipate and proactively counter threats before they strike.

Our latest research provides a framework for understanding agentic AI systems, outlines their core characteristics, and examines the security implications surrounding their use.

Trend Vision One™ tackles 7 of OWASP’s Top 10 LLM vulnerabilities, offering comprehensive protection against prompt injection, data leakage, AI supply chain risks, and other critical flaws.

Our research examines how AI coding assistants can hallucinate plausible but non-existent package names—therefore enabling slopsquatting attacks—while also providing practical defense strategies that organizations can implement to secure their development pipelines

To conclude our series on agentic AI, this article examines emerging vulnerabilities that threaten AI agents, focusing on providing proactive security recommendations on areas such as code execution, data exfiltration, and database access.

How can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.