Research, News, and Perspectives | Trend Micro (US)

Research, News, and Perspectives

================================


Exploits & Vulnerabilities

[ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns](/en_us/research/25/c/windows-shortcut-zero-day-exploit.html)

-----------------------------------------------------------------------------------------------------------------------------------------------------

Trend Zero Day Initiative™ (ZDI) uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373, a Windows .lnk file vulnerability that enables hidden command execution.

March 18, 2025

Trending Topics

---------------

Cyber Threats

### [AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution](/en_us/research/25/c/ai-assisted-fake-github-repositories.html)

Malware

### [SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware](/en_us/research/25/c/socgholishs-intrusion-techniques-facilitate-distribution-of-rans.html)

Cyber Risk

### [Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security](/en_us/research/25/c/exploiting-deepseek-r1.html)


Ransomware

### [Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations](https://www.trendmicro.com/en_us/research/25/c/albabat-ransomware-group.html)

Trend Research encounters new versions of the Albabat ransomware, which appears to target Windows, Linux, and macOS devices. We also reveal the group’s use of GitHub to streamline their ransomware operation.

Research Mar 21, 2025


Malware

### [SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware](https://www.trendmicro.com/en_us/research/25/c/socgholishs-intrusion-techniques-facilitate-distribution-of-rans.html)

Trend Research analyzed SocGholish’s MaaS framework and its role in deploying RansomHub ransomware through compromised websites, using highly obfuscated JavaScript loaders to evade detection and execute various malicious tasks.

Research Mar 14, 2025


Cyber Threats

### [AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution](https://www.trendmicro.com/en_us/research/25/c/ai-assisted-fake-github-repositories.html)

In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to make fake repositories appear legitimate.

Research Mar 11, 2025


Cyber Threats

### [From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario](https://www.trendmicro.com/en_us/research/25/c/from-event-to-insight.html)

Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh woven by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned days. This article features investigation insights, a proposed incident timeline, and recommended security practices.

Research Mar 05, 2025


Cyber Risk

### [Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security](https://www.trendmicro.com/en_us/research/25/c/exploiting-deepseek-r1.html)

This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation, and sensitive data theft.

Research Mar 04, 2025


Ransomware

### [Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal](https://www.trendmicro.com/en_us/research/25/b/black-basta-cactus-ransomware-backconnect.html)

In this blog entry, we discuss how the Black Basta and Cactus ransomware groups utilized the BackConnect malware to maintain persistent control and exfiltrate sensitive data from compromised machines.

Latest News Mar 03, 2025


Ransomware

### [Updated Shadowpad Malware Leads to Ransomware Deployment](https://www.trendmicro.com/en_us/research/25/b/updated-shadowpad-malware-leads-to-ransomware-deployment.html)

In this blog entry, we discuss how Shadowpad is being used to deploy a new undetected ransomware family. Attackers deploy the malware by exploiting weak passwords and bypassing multi-factor authentication.

Research Feb 20, 2025


Cyber Threats

### [Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection](https://www.trendmicro.com/en_us/research/25/b/earth-preta-mixes-legitimate-and-malicious-components-to-sidestep-detection.html)

Our Threat Hunting team discusses Earth Preta’s latest technique, in which the APT group leverages MAVInject and Setup Factory to deploy payloads and maintain control over compromised systems.

Latest News Feb 18, 2025


Malware

### [Chinese-Speaking Group Manipulates SEO with BadIIS](https://www.trendmicro.com/en_us/research/25/b/chinese-speaking-group-manipulates-seo-with-badiis.html)

This blog post details our analysis of an SEO manipulation campaign targeting Asia. We also share recommendations that can help enterprises proactively secure their environment.

Research Feb 07, 2025


Exploits & Vulnerabilities

### [CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks](https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html)

The Trend ZDI team offers an analysis on how CVE-2025-0411, a zero-day vulnerability in 7-Zip, was actively exploited to target Ukrainian organizations in a SmokeLoader campaign involving homoglyph attacks.

Research Feb 04, 2025

Copyright ©2025 Trend Micro Incorporated. All rights reserved.
