VulnHub

Real-time Cybersecurity News

Articles tagged "Trend Micro"

Found 6 articles

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

The Hacker News

Actively Exploited

Cybersecurity researchers have identified a JavaScript-based command-and-control framework named PeckBirdy, which has been utilized by China-aligned hackers since 2023. This framework has primarily targeted the Chinese gambling industry, as well as various Asian government entities and private organizations. Trend Micro reports that the flexibility of PeckBirdy allows these attackers to adapt their methods for different environments. The use of such sophisticated tools raises concerns about the security of critical sectors, especially in regions where these attacks are focused. It's crucial for organizations in the affected areas to enhance their security measures to defend against these ongoing threats.

Impact: Chinese gambling industry, Asian government entities, private organizations
Remediation: Organizations should enhance security measures and monitor for unusual activity related to PeckBirdy. Regular updates and employee training on phishing and other attack vectors are recommended.
APTCritical
Read Original
Trend Micro fixed a remote code execution in Apex Central

Security Affairs

Trend Micro has addressed three vulnerabilities in its Apex Central management console that could potentially allow attackers to execute remote code or launch denial-of-service attacks. These flaws, identified as CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260, were discovered by security researchers from Tenable in August 2025. The vulnerabilities were made public after Tenable released proof-of-concept code, which could enable malicious actors to exploit the weaknesses. Organizations using Apex Central should apply the patches provided by Trend Micro to prevent potential attacks. It is crucial for users to ensure their systems are updated to mitigate any risks associated with these vulnerabilities.

Impact: Trend Micro Apex Central management console (specific versions not mentioned)
Remediation: Trend Micro has released patches for CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260. Users should apply these patches to secure their systems.
CVEExploit
Read Original
Trend Micro Patches Critical Code Execution Flaw in Apex Central

SecurityWeek

Trend Micro has released patches for a significant code execution vulnerability in its Apex Central product. This flaw could allow attackers to execute arbitrary code, putting systems at risk. Tenable has since provided proof-of-concept code and technical details, which could assist malicious actors in exploiting the vulnerability if users do not update their systems promptly. Companies using Apex Central need to apply the patches to protect their networks from potential attacks. The urgency of this update is underscored by the fact that vulnerabilities of this nature can lead to serious breaches if left unaddressed.

Impact: Apex Central
Remediation: Patches available from Trend Micro for the vulnerabilities in Apex Central.
VulnerabilityUpdateCriticalPatch
Read Original
Trend Micro warns of critical Apex Central RCE vulnerability

BleepingComputer

Trend Micro has addressed a serious vulnerability in its Apex Central software, which is used for centralized management of security solutions. This flaw could allow attackers to run arbitrary code with SYSTEM privileges, potentially giving them full control over affected systems. The vulnerability affects the on-premise version of Apex Central, putting companies that rely on this tool at risk. Users are advised to apply the latest patches immediately to protect their systems from potential exploitation. This incident underscores the need for regular updates and vigilance in cybersecurity practices.

Impact: Trend Micro Apex Central (on-premise)
Remediation: Users should apply the latest patches provided by Trend Micro to mitigate the vulnerability.
VulnerabilityRCECriticalPatch
Read Original
PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)

Help Net Security

CVE-2025-69258

Trend Micro has issued a critical patch addressing multiple vulnerabilities in its Apex Central management platform, specifically focusing on CVE-2025-69258. This flaw allows unauthenticated attackers to execute arbitrary code on affected installations, posing a significant risk to organizations using this software. The vulnerabilities were discovered by Tenable's security researchers last year and have now been detailed publicly alongside proof-of-concept exploits. Companies relying on Apex Central for IT and security management should prioritize applying the patch to protect their systems from potential exploitation. This incident underscores the importance of timely updates in maintaining cybersecurity defenses.

Impact: Trend Micro Apex Central (on-premise)
Remediation: Trend Micro has released a critical patch to address the vulnerabilities. Users should immediately update their installations of Apex Central to the latest version as specified by Trend Micro.
CVEPatchRCECriticalVulnerability
Read Original
Emerson Appleton UPSMON-PRO

All CISA Advisories

The Emerson Appleton UPSMON-PRO vulnerability, identified as CVE-2024-3871, is a stack-based buffer overflow that could allow remote attackers to execute arbitrary code with SYSTEM privileges. This critical vulnerability, with a CVSS v4 score of 9.3, affects versions 2.6 and prior of the product, which is now End of Life and unsupported, necessitating immediate action from users.

Impact: Affected products include Emerson Appleton UPSMON-PRO versions 2.6 and prior. The vulnerability could affect critical infrastructure sectors such as Critical Manufacturing, Healthcare, and Public Health worldwide.
Remediation: Users are recommended to replace the Appleton UPSMON-PRO product or apply the following mitigations: block UDP port 2601 at the firewall level for all installations, isolate UPS monitoring networks from general corporate networks, implement network-level packet filtering to reject oversized UDP packets to port 2601, and monitor for UPSMONProSer.exe service crashes. Long-term strategies include replacing UPSMON-PRO with an actively supported UPS monitoring solution and implementing defense-in-depth strategies for critical power infrastructure monitoring.
CVEVulnerabilityUpdateCritical
Read Original