Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar



The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such offerings and further making it easier for less-skilled threat actors to mount attacks at scale.
Push Security, in a report shared with The Hacker News, said it observed the use


Source: Read the original article

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild



Fortinet has warned of a new security flaw in FortiWeb that it said has been exploited in the wild.
The medium-severity vulnerability, tracked as CVE-2025-58034, carries a CVSS score of 6.7 out of a maximum of 10.0.
"An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb may allow an authenticated attacker to execute


Source: Read the original article

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts



Malicious actors can exploit default configurations in ServiceNow's Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks.
The second-order prompt injection, according to AppOmni, makes use of Now Assist's agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive


Source: Read the original article

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates



The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks.
EdgeStepper "redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used for software updates to attacker-controlled infrastructure


Source: Read the original article

Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software



The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to chase threats after they have already entered the network, is fundamentally risky and contributes significantly to the half-trillion-dollar annual cost of cybercrime.
Zero Trust fundamentally shifts


Source: Read the original article

Gunra Ransomware Group Unveils Efficient Linux Variant



This blog discusses how Gunra ransomware’s new Linux variant accelerates and customizes encryption, expanding the group’s reach with advanced cross-platform tactics.


Source: Read the original article

BERT Ransomware Group Targets Asia and Europe on Multiple Platforms



BERT is a newly emerged ransomware group that pairs simple code with effective execution—carrying out attacks across Europe and Asia. In this entry, we examine the group’s tactics, how their variants have evolved, and the tools they use to get past defenses and speed up encryption across platforms.


Source: Read the original article

Preventing Zero-Click AI Threats: Insights from EchoLeak



A zero-click exploit called EchoLeak reveals how AI assistants like Microsoft 365 Copilot can be manipulated to leak sensitive data without user interaction. This entry breaks down how the attack works, why it matters, and what defenses are available to proactively mitigate this emerging AI-native threat.


Source: Read the original article

CISA's NIMBUS 2000 Initiative: Understanding Key Findings and Strengthening Cloud Identity Security



This blog explores key findings from CISA’s NIMBUS 2000 Cloud Identity Security Technical Exchange and how Trend Vision One™ Cloud Security aligns with these priorities. It highlights critical challenges in token validation, secrets management, and logging visibility—offering insights into how integrated security solutions can help organizations strengthen their cloud identity defenses and meet evolving federal standards.


Source: Read the original article

Securing Tomorrow: An Interview with Trend Micro VP of Product Management Michael Habibi



Proactive security in a rapidly evolving threat landscape


Source: Read the original article

Proactive Security Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)



CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.


Source: Read the original article

Back to Business: Lumma Stealer Returns with Stealthier Methods



Lumma Stealer has re-emerged shortly after its takedown. This time, the cybergroup behind this malware appears to be intent on employing more covert tactics while steadily expanding its reach. This article shares the latest methods used to propagate this threat.


Source: Read the original article

Proactive Email Security: The Power of AI



Lead with AI-powered email security to stay ahead of attackers and personalize user interaction at every touchpoint, bridging technology and behavior with precision.


Source: Read the original article

Unlocking the Power of Amazon Security Lake for Proactive Security



Security is a central challenge in modern application development and maintenance, requiring not just traditional practices but also a deep understanding of application architecture and data flow. While organizations now have access to rich data like logs and telemetry, the real challenge lies in translating this information into actionable insights. This article explores how leveraging those insights can help detect genuine security incidents and prevent their recurrence.


Source: Read the original article

Revisiting UNC3886 Tactics to Defend Against Present Risk



We examine the past tactics used by UNC3886 to gain insight on how to best strengthen defenses against the ongoing and emerging threats of this APT group.


Source: Read the original article

New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises



We uncovered Charon, a new ransomware family that uses advanced APT-style techniques, including DLL sideloading, process injection, and anti-EDR capabilities, to target organizations with customized ransom demands.


Source: Read the original article

Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks



Crypto24 is a ransomware group that stealthily blends legitimate tools with custom malware, using advanced evasion techniques to bypass security and EDR technologies.


Source: Read the original article

Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware



Warlock ransomware exploits unpatched Microsoft SharePoint vulnerabilities to gain access, escalate privileges, steal credentials, move laterally, and deploy ransomware with data exfiltration across enterprise environments.


Source: Read the original article

Leadership, Innovation, and the Future of AI: Lessons from Trend Micro CEO & Co-Founder Eva Chen



Discover how AI is reshaping cybersecurity through our CEO, Eva Chen’s industry briefing series. Gain practical strategies, real-world insights, and a clear roadmap to secure your AI initiatives with confidence.


Source: Read the original article

Trend Vision One Integrates Microsoft Defender for Endpoint



Discover how Trend Vision One integrates with Microsoft Defender for Endpoint to unify visibility, close security gaps, and accelerate risk mitigation - maximizing protection without replacing existing tools.


Source: Read the original article

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads...