Security News

Organizations are rapidly connecting AI agents to their databases, document pipelines, and internal tools, creating privileged components that read untrusted input as part of their job. TrendAI™ Research examines how attackers turn these agents against you through return-to-tool (RTT) exploits, and what this means for the future of agentic AI security.

TrendAI™ and CleanDNS have partnered to go beyond blocking malicious domains. Learn how we are actively dismantling the infrastructure that cybercriminals depend on and removing attacker domains from the internet before attacks reach their targets.

Analysis from TrendAI™ Research found that thousands of DICOM medical imaging servers worldwide are exposed online without basic security measures, leaving sensitive patient data and healthcare operations vulnerable to cyberattacks.

Exposed Model Context Protocol (MCP) servers have become powerful vectors for cloud attacks, enabling threat actors to not only access sensitive data but also take control of the cloud services themselves.

Tightening security controls and other underground factors are forcing infostealer operations to adapt. TrendAI™ Research explores their evolution into coordinated attack infrastructure and the implications for identity defense.

Edge devices have become a primary entry point for state-sponsored espionage, giving attackers a cheaper, faster path to network access, credential theft, and traffic interception. Our report examines the threat landscape, economics, and actor activity driving this shift, along with what CISOs and security leaders can do to respond.

AI‑enabled APTs are accelerating attacks, shrinking response windows, and raising the stakes. This report reveals what’s changed and how to defend against it.

A jailbreak through sockpuppeting can be easily done as it requires no special tools nor optimization. It only takes a faulty prefill feature, and the gates are open. We tested 11 LLM-powered assistants against sockpuppeting and found varying levels of robustness across today’s leading LLMs.

Persistent DNS references to deleted Azure resources create opportunities for attackers to take over trusted endpoints, highlighting a critical risk in cloud infrastructure. TrendAI™ Research discusses six real-world scenarios where attackers could exploit lingering DNS names, allowing them to inherit trust and compromise dependent systems.