Track East Asia cyber, AI, cloud, and infrastructure risk before it becomes an incident.
A security bypass vulnerability (CVE-2026-24498) in EFM-Networks ipTIME wireless routers allows unauthorized actors to extract Wi-Fi passwords in plaintext. Impacting multiple models including the T5008 and AX-series, the flaw bypasses internal security controls. Users must update to firmware version 15.27.2 or higher to remediate the risk of local credential theft. Read more
Cisco has released urgent security updates to address significant vulnerabilities in its networking and security product lines. The advisories cover denial-of-service risks in the Crosswork Network Controller and Network Services Orchestrator (NSO), as well as long-standing resource management issues in Cisco Email Security Appliance (ESA) running legacy AsyncOS software. Read more
Palo Alto Networks has released critical security updates addressing CVE-2026-0300, an out-of-bounds write vulnerability in its PAN-OS software. Affecting versions 10.2 through 12.1, the flaw poses significant risks to network infrastructure security. The Korea Internet & Security Agency (KISA) strongly recommends that organizations apply the specific hotfixes and maintenance releases provided to mitigate potential exploitation risks. Read more
Cisco has released critical security patches for Cisco Unity Connection to address vulnerabilities including Path Traversal (CVE-2026-20034) and Server-Side Request Forgery (CVE-2026-20035). These flaws affect versions 12.5 through 15.0, potentially allowing unauthorized system access. Organizations are advised to upgrade to version 15SU4 or 14SU5 to mitigate these infrastructure risks. Read more
Ollama has released a critical security update to address CVE-2026-7482, an out-of-bounds read vulnerability. KISA has issued an advisory recommending that users upgrade to version 0.17.1 or higher. The flaw could allow unauthorized memory access, necessitating immediate patching or temporary mitigation by restricting external API access and rotating keys. Read more
cPanel has released urgent security updates for cPanel & WHM and WP Squared to address three critical vulnerabilities: improper input validation, code injection, and symbolic link following. These flaws affect numerous legacy and current versions, potentially allowing unauthorized system access. Administrators should immediately verify their software versions and apply the recommended patches to mitigate the risk of server compromise. Read more
South Korea's internet security agency, KISA, has issued an urgent advisory regarding highly targeted smishing attacks. Cybercriminals are using stolen data from hacked travel platforms, such as accommodation reservation details, to impersonate hotel staff. These attacks aim to deceive travelers into entering credit card information on fraudulent sites to avoid supposed booking cancellations, posing significant secondary financial risk. Read more
Japanese enterprises are increasingly deploying Generative AI to train Gen Z new hires, utilizing AI avatars for customer service role-play and accelerated system development. While these tools improve operational efficiency and reduce psychological barriers for digital-native employees, companies are simultaneously intensifying information literacy training to mitigate risks associated with AI-generated hallucinations and data security. Read more
Benchmarking data released in May 2026 shows that processing Japanese text remains roughly 1.5 times more expensive than English across major LLMs due to tokenization inefficiencies. While Claude Opus 4.7 has improved relative language parity, most models still impose a significant overhead for East Asian scripts, impacting operational budgets and context window utilization for global enterprises. Read more
Trend Micro has launched 'TrendAI,' a new corporate brand integrating Anthropic’s Claude models into its Vision One platform. The partnership aims to shift cybersecurity from reactive 'If/Else' logic to autonomous AI agents capable of prioritizing threats and automating incident response. This initiative addresses the escalating speed of AI-driven attacks by providing high-speed governance and automated reporting. Read more