AI Security, Cloud Security, Incidents & Breaches, Vulnerability Intelligence

A Practical Workflow for Minimum fields to capture for a CVE watchlist entry

A Practical Workflow for Minimum fields to capture for a CVE watchlist entry helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

Read more

AI Security, Cloud Security, Incidents & Breaches, Vulnerability Intelligence

A Practical Workflow for Use the CISA KEV catalog to build an East Asia supplier patch watchlist

A Practical Workflow for Use the CISA KEV catalog to build an East Asia supplier patch watchlist helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

Read more

AI Security, Cloud Security, Incidents & Breaches, Vulnerability Intelligence

A Practical Workflow for How to score East Asia public signals before writing an article

A Practical Workflow for How to score East Asia public signals before writing an article helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

Read more

AI Security, Cloud Security, Incidents & Breaches, Vulnerability Intelligence

A Practical Workflow for Build a supplier-risk question set from East Asia public records

A Practical Workflow for Build a supplier-risk question set from East Asia public records helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

Read more

AI Security, Cloud Security, Incidents & Breaches, Vulnerability Intelligence

A Practical Workflow for Critical-infrastructure signals worth adding to a regional risk brief

A Practical Workflow for Critical-infrastructure signals worth adding to a regional risk brief helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

Read more

Cloud Security, Identity & Governance, Security Operations, Vulnerability Intelligence

GovCERT.HK Issues High Threat Alert for Linux Kernel Privilege Escalation Flaws

GovCERT.HK has issued a High Threat Security Alert (A26-06-45) for two elevation-of-privilege vulnerabilities in the Linux kernel—DirtyClone (CVE-2026-43503) and pedit COW (CVE-2026-46331)—with public PoC exploits available, allowing local unprivileged users to gain root access on affected systems.

Read more

Cloud Security, Incidents & Breaches, Security Operations, Vulnerability Intelligence

Active Exploitation of Oracle E-Business Suite CVE-2026-46817 Highlights Critical Patch Delay Risks

Attackers are actively exploiting CVE-2026-46817, a critical unauthenticated remote code execution flaw in Oracle E-Business Suite’s Payments module, with Defused observing real-world exploitation over the weekend and Shadowserver tracking over 450 exposed instances globally. Oracle patched the vulnerability in its May 2026 CPU but warns unpatched systems remain at risk.

Read more

Cloud Security, Incidents & Breaches, Security Operations, Vulnerability Intelligence

Nissan Employee Data Breach Highlights Systemic Risk in Oracle PeopleSoft in Oracle PeopleSoft Zero-Day Campaign

Nissan disclosed a data breach affecting current and former employees across North and South America after threat actors exploited CVE-2026-35273, a zero-day vulnerability in Oracle PeopleSoft PeopleTools, in a campaign linked to ShinyHunters that compromised over 300 instances across 100 organizations, primarily in education, between May 27 and June 9, 2026.

Read more

AI Security, Cloud Security, Incidents & Breaches, Vulnerability Intelligence

AhnLab Details May 2026 Korean APT Campaigns Using LNK Files and Living-off-the-Land Techniques

AhnLab’s May 2026 report identifies spear phishing with malicious LNK files as the dominant APT infection vector in South Korea, detailing six attack types that abuse PowerShell, curl.exe, and legitimate Windows tools to deploy info-stealers, keyloggers, and backdoors via GitHub and Google Drive, while also noting CHM and JSE-based variants using regsvr32 and certutil for evasion.

Read more

Cloud Security, Incidents & Breaches, Security Operations, Vulnerability Intelligence

DirtyClone Linux Kernel Flaw Enables Root Escalation via Cloned Network Packets

CVE-2026-43503 (CVSS 8.8) allows local users to gain root by corrupting file-backed memory through cloned network packets, exploiting a missing shared-frag flag in kernel packet handling. The flaw affects multi-tenant systems where unprivileged namespaces are enabled, including CI runners and Kubernetes clusters. A patch was merged in Linux v7.1-rc5 on May 21, 2026.

Read more