Track East Asia cyber, AI, cloud, and infrastructure risk before it becomes an incident.
Google's Threat Intelligence Group (GTIG) has reported the first observed instances of hackers using AI to discover zero-day vulnerabilities and generate exploit tools for large-scale attacks. The activity involved several notorious hacking groups collaborating to bypass two-factor authentication (2FA) in open-source network management tools. Read more
At the 2026 CYBERSEC Taiwan conference, high-tech manufacturer Wistron revealed how its security operations center (SOC) successfully integrated generative AI to reduce incident analysis time from 15 minutes to 1 minute and overall response times from hours to under 10 minutes, achieving a 97.5% accuracy rate in threat detection. Read more
Security researchers have identified a new cloud-native malware framework, PCPJack, which specializes in credential theft across Docker, Kubernetes, and Redis environments. Uniquely, the framework actively removes tools associated with the TeamPCP (PCPcat) threat group, suggesting a possible internal rift or turf war over compromised cloud assets. Read more
Taiwan's Financial Supervisory Commission (FSC) has announced a new roadmap for financial cybersecurity resilience, focusing on the 'AI Vulnerability Storm' and the transition to Post-Quantum Cryptography (PQC). The commission is set to release a formal PQC migration guide to prepare the industry for 'Y2Q' risks by 2029. Read more
Coupang Taiwan has announced a strategic partnership with HackerOne to launch the nation's first public bug bounty program, marking a significant shift toward open security validation following a 2025 data breach that impacted 200,000 Taiwanese customers. Read more
TWCERT/CC published a TVN advisory for a critical stack-based buffer overflow in ShangShang Technology’s EHG2408 series Ethernet switches. The flaw (CVE-2026-3823, CVSS 9.8) is reachable over the network without authentication and could allow remote attackers to hijack execution flow and run arbitrary code. Affected users are advised to upgrade to firmware v3.36 or later. Read more
Taiwan’s TWCERT/CC published a high-severity vulnerability notice for the D-Link DWM-222W Wi‑Fi 6 USB mobile network adapter/modem. The issue allows an unauthenticated attacker on the same network domain to bypass login attempt limits, enabling brute-force attempts that could lead to device control. D-Link firmware 1.02.00 and later is listed as the fix. Read more
TWCERT/CC published a Taiwan Vulnerability Note (TVN-202604011) detailing two vulnerabilities affecting Herlin Digital Technology’s AVACAST for Windows versions 5.10.10.43 and earlier. The issues—DLL hijacking (CVE-2026-7279, CVSS 7.8 High) and an unquoted service path (CVE-2026-7280, CVSS 6.7 Medium)—could allow authenticated local attackers (and in the second case, a local admin) to execute code with SYSTEM privileges. TWCERT/CC recommends updating to AVACAST 5.10.10.45 or later. Read more
Taiwan's TWCERT/CC has disclosed two high-severity security vulnerabilities affecting SunNet's Corporate Training Management System (CTMS) and Corporate Appraisal Performance System (CAPS). These flaws include a SQL injection vulnerability and an arbitrary file upload weakness that could lead to full system compromise. Read more
TWCERT/CC published a Taiwan Vulnerability Note (TVN-202603007) describing two high-severity vulnerabilities affecting Galaxia Information’s Vitals ESP up to and including version 6.3. One issue could allow an authenticated remote attacker to perform some admin functions and escalate privileges (CVE-2026-4639, CVSS 8.8). The other could allow an unauthenticated remote attacker to access some functions and obtain sensitive information (CVE-2026-4640, CVSS 7.5). TWCERT/CC advises customers to contact the vendor for a patch. Read more