Attackers Exploit Critical Trend Micro Apex One Zero-Day Flaw

Two critical zero-day vulnerabilities, CVE-2025-54948 and CVE-2025-54987, affect Trend Micro’s Apex One Management Console, allowing attackers to execute arbitrary code. While cloud-based products have been patched, an on-premises patch is expected in mid-August. Organizations are advised to apply available updates and review remote access to critical systems.