Trend Micro warns of Apex One zero-day exploited in the wild
Trend Micro has released a security update to address a zero-day vulnerability in its Apex One endpoint protection software. The vulnerability, tracked as CVE-2026-XXXX, was exploited in the wild in targeted attacks against Windows systems. According to Trend Micro, the flaw could allow an attacker to execute arbitrary code with elevated privileges. The company did not disclose specific details about the attacks or the number of affected users. Trend Micro recommends that all Apex One customers apply the latest patch as soon as possible. The update is available through the Trend Micro update mechanism. This is the second zero-day vulnerability addressed by Trend Micro in recent months, highlighting the ongoing threat landscape.
Developers using Apex One must patch immediately to prevent remote code execution.