Iranian Cyber Campaign Targets South Korean Electronics Manufacturing for Intellectual Property Theft

A targeted cyber-espionage campaign attributed to the Iran-linked MuddyWater group successfully breached a major South Korean electronics manufacturer in early 2026. The operation utilized DLL sideloading and legitimate service abuse to conduct industrial reconnaissance and credential theft, signaling a shift toward more operationally mature and quiet attacks against high-value East Asian industrial targets.

How Operators Can Monitor JPCERT/CC Alerts for Japan Infrastructure Risk

Monitor JPCERT/CC alerts as a primary source for Japanese enterprise and infrastructure risk, focusing on vendor advisories, exploitation signals, and exposure relevant to global security teams. This evergreen playbook outlines how to use the official JPCERT/CC RSS feed for continuous monitoring without treating it as breaking news.

Windows Web Server Exploitation Trends: Analysis of Q1 2026 Attack Patterns

AhnLab SEcurity intelligence Center (ASEC) reports persistent targeting of Windows-based IIS and Apache Tomcat servers in Q1 2026. Attackers, notably the Larva-26001 threat actor, utilize web shell command execution, privilege escalation exploits like JuicyPotato, and port-forwarding tools to seize control of infected systems through RDP-mediated access and internal network lateral movement.

ASEC Q1 2026 Report Reveals Larva-26002’s Shift to Go-Based ICE Cloud Scanner via BCP Exploitation

ASEC’s analysis of ASD logs for Q1 2026 shows persistent attacks on Windows-based MS-SQL and MySQL servers, with a temporary decline in February followed by a March rebound. The Larva-26002 threat actor was observed deploying the Go-written ICE Cloud scanner via BCP exploitation on mismanaged MS-SQL systems, continuing prior use of Trigona and Mimic ransomware. Turkish-language strings in the scanner align with earlier Mimic campaigns. Primary vectors include brute force, dictionary attacks, and exploitation of weak or misconfigured accounts due to poor administrative hygiene.

CVE-2025-29865: Arbitrary File Download Vulnerability in Tagfree X-Free Uploader

KISA and KrCERT/CC have identified a high-severity arbitrary file download vulnerability in Tagfree X-Free Uploader. Designated as CVE-2025-29865, the flaw stems from insufficient validation of server communication parameters. If exploited, attackers could leak sensitive information or download arbitrary files. Users are urged to update to XFU versions 1.0.1.0085 or 2.0.1.0035.

CVE-2025-29866: Critical Improper Privilege Validation in Tagfree X-Free Uploader

A high-severity vulnerability (CVE-2025-29866) has been identified in Tagfree's X-Free Uploader, allowing unauthorized attackers to delete arbitrary files. With a CVSS score of 8.8, this improper privilege validation flaw enables data tampering and system disruption. South Korea's KISA recommends immediate patching to versions 1.0.1.0085 or 2.0.1.0035 to mitigate operational risks.

KISA Issues Security Advisory for Critical Out-of-Bounds Write Vulnerability in Palo Alto Networks PAN-OS

Palo Alto Networks has released critical security updates addressing CVE-2026-0300, an out-of-bounds write vulnerability in its PAN-OS software. Affecting versions 10.2 through 12.1, the flaw poses significant risks to network infrastructure security. The Korea Internet & Security Agency (KISA) strongly recommends that organizations apply the specific hotfixes and maintenance releases provided to mitigate potential exploitation risks.

Cisco Unity Connection Security Update Addresses Critical Path Traversal and SSRF Vulnerabilities

Cisco has released critical security patches for Cisco Unity Connection to address vulnerabilities including Path Traversal (CVE-2026-20034) and Server-Side Request Forgery (CVE-2026-20035). These flaws affect versions 12.5 through 15.0, potentially allowing unauthorized system access. Organizations are advised to upgrade to version 15SU4 or 14SU5 to mitigate these infrastructure risks.

Ollama Issues Security Update to Patch Critical Out-of-Bounds Read Vulnerability

Ollama has released a critical security update to address CVE-2026-7482, an out-of-bounds read vulnerability. KISA has issued an advisory recommending that users upgrade to version 0.17.1 or higher. The flaw could allow unauthorized memory access, necessitating immediate patching or temporary mitigation by restricting external API access and rotating keys.