Trump’s sanctions on ICC prosecutor have halted tribunal’s work

The International Criminal Court’s chief prosecutor has lost access to his email, and his bank accounts have been frozen. The Hague-based court’s American staffers have been told that if they travel to the U.S. they risk arrest. Some non-governmental organizations Read More …

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains

In this blog entry, Trend Micro researchers look at overly permissive cloud service credentials in Microsoft’s public-facing assets and assess their potential implications on software supply chain and software integrity. We do this by exploring two scenarios involving PC Manager, Read More …

Patch Tuesday – April 2025

Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA Read More …

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure

Water Gamayun, a suspected Russian threat actor also known as EncryptHub and Larva-208, has been exploiting the MSC EvilTwin (CVE-2025-26633), a zero-day vulnerability that was patched on March 11. In the first installment of this two-part series, Trend Research discussed Read More …

ZDI-CAN-25373: Windows shortcut exploit abused as Zero-Day in widespread APT campaigns

The Trend Zero Day Initiative threat hunting team identified significant instances of the exploitation of ZDI-CAN-25373 across a variety of campaigns dating back to 2017. The researchers analysis revealed that 11 state-sponsored groups from North Korea, Iran, Russia, and China Read More …

Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit

In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments. In Read More …