Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC Yuze, and a persistent BYOVD technique leveraging the NSec driver.

Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix technique.

Learn about OpenClaw (a sovereign agent) and how this can be viable for enterprises.

At [un]prompted 2026, TrendAI™ demonstrated how documents can be used to exploit AI-driven KYC pipelines and introduced FENRIR, an automated system for discovering AI vulnerabilities at scale.

The BoryptGrab campaign uses fake SEO‑optimized GitHub repositories and deceptive download pages to distribute a data‑stealing malware family that delivers multiple payloads, including a reverse SSH backdoor, to Windows users.

Learn how Claude Code Security set Cybersecurity stocks on fire.

Learn how Claude Code Security set Cybersecurity stocks on fire.

Malicious OpenClaw skills trick AI agents and users into installing a new AMOS variant that steals extensive data at scale.

We uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls.

Discover why Government and Education must prioritize Cyber Risk Management.

OpenClaw (aka Clawdbot or Moltbot) represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm.

Discover how the TrendAI Vision One and SentinelOne integration exemplifies our commitment to endpoint flexibility.