News
Entertainment
Science & Technology
Life
Culture & Art
Hobbies
News
Entertainment
Science & Technology
Culture & Art
Hobbies
Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa | Trend Micro (US)
Operation Serengeti 2.0: With Trend Micro’s support, INTERPOL led a major crackdown across Africa, arresting cybercriminals, dismantling infrastructures, recovering illicit funds, and protecting tens of thousands of victims.
Proactive Security for CVE-2025-53770 and CVE-2025-53771 SharePoint Attacks | Trend Micro (US)
CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware | Trend Micro (US)
Warlock ransomware exploits unpatched Microsoft SharePoint vulnerabilities to gain access, escalate privileges, steal credentials, move laterally, and deploy ransomware with data exfiltration across enterprise environments.
Back to Business: Lumma Stealer Returns with Stealthier Methods | Trend Micro (US)
Lumma Stealer has re-emerged shortly after its takedown. This time, the cybergroup behind this malware appears to be intent on employing more covert tactics while steadily expanding its reach. This article shares the latest methods used to propagate this threat.
Preventing Zero-Click AI Threats: Insights from EchoLeak | Trend Micro (US)
A zero-click exploit called EchoLeak reveals how AI assistants like Microsoft 365 Copilot can be manipulated to leak sensitive data without user interaction. This entry breaks down how the attack works, why it matters, and what defenses are available to proactively mitigate this emerging AI-native threat.
BERT Ransomware Group Targets Asia and Europe on Multiple Platforms | Trend Micro (US)
BERT is a newly emerged ransomware group that pairs simple code with effective execution—carrying out attacks across Europe and Asia. In this entry, we examine the group’s tactics, how their variants have evolved, and the tools they use to get past defenses and speed up encryption across platforms.
Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent | Trend Micro (US)
A single SQL injection bug in Anthropic’s SQLite MCP server—forked over 5,000 times—can seed stored prompts, exfiltrate data, and hand attackers the keys to entire agent workflows. This entry unpacks the attack chain and lays out concrete fixes to shut it down.
An Investigation of AWS Credential Exposure via Overprivileged Containers | Trend Micro (US)
Overprivileged or misconfigured containers in Amazon EKS can expose sensitive AWS credentials to threats like packet sniffing and API spoofing, highlighting the need for least privilege and proactive security to detect and reduce these risks.
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet | Trend Micro (US)
This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub | Trend Micro (US)
The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper | Trend Micro (US)
Anubis is an emerging ransomware-as-a-service (RaaS) group that adds a destructive edge to the typical double-extortion model with its file-wiping feature. We explore its origins and examine the tactics behind its dual-threat approach.
Earth Lamia Develops Custom Arsenal to Target Multiple Industries | Trend Micro (US)
Trend™ Research has been tracking an active APT threat actor named Earth Lamia, targeting multiple industries in Brazil, India and Southeast Asia countries at least since 2023. The threat actor primarily exploits vulnerabilities in web applications to gain access to targeted organizations.