Track East Asia cyber, AI, cloud, and infrastructure risk before it becomes an incident.
ASEC's Ransom & Dark Web Issues Week 2, June 2026 report documents Black X ransomware targeting Korean and U.S. organizations, a data leak from a South Korean education platform on BreachForums by threat actor Hasan, and exposure of French government messaging data on PwnForums, highlighting cross-sector dark web activity. Read more
Microsoft patched nearly 200 vulnerabilities in June 2026 Patch Tuesday, including three dozen critical flaws and three actively exploited zero-days, signaling a new norm in AI-assisted vulnerability discovery with global implications for security teams. Read more
A Practical Workflow for Japan supplier cyber risk review for cloud and SaaS teams helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more
A Practical Workflow for How to decide whether a Taiwan CERT vulnerability matters to your company helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more
KISA and KrCERT/CC issued a June 10, 2026 advisory urging Korean organizations to apply Microsoft's June security updates addressing 17 vulnerabilities rated Critical or Important, including 11 Critical flaws enabling privilege escalation and remote code execution across Windows, Office, Azure, and SharePoint platforms. Read more
A Practical Workflow for How to triage a JPCERT/CC alert in 10 minutes helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more
A Practical Workflow for Using TWCERT/CC security news as an early-warning signal for Taiwan cyber risk helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more
A Practical Workflow for Monitoring TWCERT/CC vulnerability notes for Taiwan supply-chain exposure helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more
Oracle has released emergency mitigations for CVE-2026-35273, a critical unauthenticated remote code execution zero-day in PeopleSoft PeopleTools versions 8.61 and 8.62, actively exploited by the ShinyHunters extortion gang in data theft attacks targeting over 100 organizations, primarily in the U.S. education sector. Mandiant confirmed the exploitation chain involving staging servers, MeshCentral agents, and data exfiltration to ShinyHunters-linked infrastructure, with 68 percent of victims in higher education. Read more
A Practical Workflow for Using TWCERT/CC security news (English) as an early-warning feed for Taiwan IT risk helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more