Tag: trend micro
61 articles

Hackers Exploit Blockchain to Target Japan Hotels via Phishing
TrendAI Research uncovered a sneaky phishing campaign in late May 2026 that targeted hotel staff in Japan, cleverly disguising emails as guest complaints or review requests to trick employees into divulging sensitive info. The attackers stayed one step ahead, constantly updating their tactics to maximize their success.

Cyber Trust Erodes as AI, Tools Enable New Attacks
Trust is crumbling in the digital world as hackers exploit AI and tools to launch devastating attacks, turning trusted platforms into malware delivery mechanisms. The latest threat: hijacked Google Ads and AI developer tools used to funnel over 2,000 victims to malicious download pages.

Microsoft Patch Tuesday Update Sets Record with 206 Vulnerabilities Fixed
Microsoft just dropped a record-breaking Patch Tuesday update, fixing a staggering 206 vulnerabilities in a single swoop - a move that's both impressive and concerning. This massive update is part of a larger trend, with nearly half of this year's patches containing triple-digit numbers of fixes.

Trend Micro Discloses Apex One Zero-Day Exploited in Attacks
A critical zero-day vulnerability, CVE-2026-34926, has been discovered in Trend Micro's Apex One on-premises server, allowing pre-authenticated local attackers to inject malicious code - and it's being actively exploited in attacks. Federal agencies have been ordered to patch affected systems ASAP, with a deadline of June 4, 2026.

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on two major vulnerabilities, CVE-2025-34291 and CVE-2026-34926, currently being exploited by hackers, and is requiring federal agencies to patch them by June 4, 2026. These weaknesses, found in Langflow and Trend Micro Apex One, could allow attackers to take control of systems and execute malicious code.

Ransomware Actors Exploit Vulnerable Drivers to Evade EDR Tools
Ransomware operators are outsmarting defenders by exploiting vulnerable drivers to evade detection by endpoint security tools, with recent attacks disabling over 300 security products. This clever tactic allows hackers to silence security defenses and wreak havoc on networks.

Lumma Stealer Exclusive: Vidar 2.0 Fuels Dangerous Rise
The Lumma Stealer leak has supercharged Vidar 2.0, recycling stolen credentials and exposed code into a stealthier, cheaper toolkit for criminals. Trend Micro warns defenders to brace for rising Vidar 2.0 activity through Q4 2025.

Lumma Stealer Vacuum Exclusive Dangerous Vidar 2.0 Upgrade
From the public doxxing of Lumma Stealer to the resurfacing of Vidar 2.0, the cybercrime scene is behaving more like a ruthless software market — and that escalation puts millions of credentials and finances at risk. Security teams take note: analysts expect a rise in sophisticated stealer activity through Q4 2025.

Lumma Stealer: Shocking Risky Reputation Exposure
A rival cybercrime group has publicly doxxed the operators behind Lumma Stealer, ripping away their secrecy and wreaking reputational havoc while creating both intelligence opportunities—and dangerous misinformation—for defenders, victims, and investigators.

Cisco SNMP vulnerability: Critical Must-Have Fix
Trend Micro revealed attackers exploiting a Cisco SNMP flaw to install stealthy Linux rootkits on routers, turning everyday network gear into persistent, invisible footholds — a wake-up call to patch, segment, and monitor your infrastructure before it’s quietly weaponized.

LockBit 50: Exclusive Deadliest Threat to Enterprises
LockBit 5.0 is back and scarier than ever — its native payloads can now hit Windows, Linux and VMware ESXi in one campaign, putting entire enterprises and virtualized workloads at risk. If you haven’t already, harden hypervisors, adopt cross-platform defenses, and treat ransomware as an enterprise survival priority.

LockBit ransomware Stunning Deadly New Variant
LockBit’s latest variant is faster, stealthier and can run on multiple operating systems, meaning ransomware risk now extends well beyond traditional Windows targets. Act now—strengthen segmentation, offline backups, MFA and timely patching to blunt its impact.

Wondershare RepairIt Critical Risk: Exclusive Warning
A popular repair tool, Wondershare RepairIt, had two critical flaws that could let attackers bypass authentication to steal private files and even tamper with AI model assets—update now to protect your data and systems.

fake CAPTCHA pages: Exclusive Dangerous AI Phishing Threat
Think twice before clicking that checkbox — attackers are using AI to spin up lifelike fake CAPTCHAs that harvest credentials and turn a trusted security step into an easy phishing trap.

exposed Docker APIs: Must-Have Fixes Against Risky Miners
Leaving Docker Remote APIs exposed is like leaving your front door open — attackers are now using TOR-backed cryptojacking campaigns to quietly hijack compute, lock out rivals, and hide their tracks. Secure your management endpoints with authentication and network controls, enforce least-privilege, and monitor for unusual container activity to stop wallets from draining your cloud bill.

macOS stealer Exclusive: Dangerous, Must-Stop Threat
Think a cracked app is a harmless shortcut? Trend Micro warns that a macOS stealer called AMOS is being bundled with pirated apps and delivered via terminal commands that grant attackers sweeping access—don’t run unverified installers or command-line scripts, and stick to legitimate software to protect your accounts and networks.

Warlock ransomware: Exclusive Critical Threat to SharePoint
If your organization still runs on-premises SharePoint, Trend Micro’s findings are a wake-up call: attackers are using a ToolShell exploit to turn unpatched SharePoint instances into staging grounds for multi-stage Warlock ransomware campaigns that can steal data and cripple recovery. Patch promptly, lock down admin access, and treat collaboration platforms as critical assets before a trusted service becomes an easy path to extortion.

Charon ransomware: Stunningly Devastating Threat
A new ransomware called Charon is using APT-style stealth—DLL side‑loading and process injection—to strike Middle East public-sector and aviation systems, forcing a rethink of how we protect critical services. Assume attackers are getting smarter: prioritize EDR, MFA, network segmentation and practiced response plans to keep cities and flights safe.

Trend Micro vulnerability: Risky, Stunning Security Failure
Trend Micro’s Apex One management console has a critical, actively exploited vulnerability with no patch available, leaving organizations exposed and customer trust at risk. It’s a wake-up call for greater transparency, faster fixes, and heightened vigilance from both vendors and users.

Air Serbia Faces Major Cyberattack Amid Rising Airline Turbulence
Air Serbia’s under siege as a massive cyberattack disrupts operations, exposing the hidden digital battles airlines face in today’s high-stakes cyber skies.

Urgent Google Chrome Update Fixes Active CVE-2025-6558 Exploit
Google just rolled out a critical Chrome update to fix a high-severity flaw that’s already being exploited—if you use Chrome, don’t wait to secure your browser now!

16B Password Breach Claim Questioned Amid Security Concerns
Is the staggering claim of 16 billion leaked passwords really the biggest breach ever, or just a case of numbers getting out of hand in the world of cybersecurity? Let’s dive into why experts are raising eyebrows and what this means for your online safety.

Hackers Exploit Leaked Shellter License to Spread Lumma and SectopRAT
Hackers have exploited leaked Shellter licenses to weaponize this trusted red teaming tool, enabling the stealthy spread of Lumma and SectopRAT malware that evades detection by masquerading as legitimate penetration testing activity. This incident highlights a growing challenge in cybersecurity: safeguarding offensive security tools from misuse without hindering their essential role in strengthening defenses.

Global Surge of New Bert Ransomware Variants
Discover the rising threat of new Bert ransomware variants, affecting systems worldwide with evolving tactics and increased sophistication. Stay informed.