SLSA questions to ask when a supplier claims ‘secure build pipeline’

Use the SLSA framework to evaluate supplier build integrity through neutral questions on provenance, signing, reproducibility, dependency pinning, and evidence artifacts—without accepting marketing claims as proof. This checklist supports East Asia-facing security, cloud, and supply-chain teams in verifying supplier assertions.

Building an Internal Patch-SLA Queue from Korea KISA/KrCERT Vulnerability Notices: A Practical Workflow Guide

Organizations can transform Korea KISA/KrCERT vulnerability notices into an auditable internal patch-SLA workflow by establishing clear triage steps, ownership rules, severity interpretation, exception tracking, and integration with existing vulnerability management systems—without imposing rigid thresholds or inventing unsupported procedures.

Use the CISA KEV catalog to build an East Asia supplier patch watchlist

This practical tutorial guides security teams in using the CISA Known Exploited Vulnerabilities (KEV) catalog to create a focused, actionable patch watchlist for East Asia-based suppliers. It outlines steps to map KEVs to supplier software inventories, assign ownership, set flexible escalation thresholds, and maintain evidence records—without relying on numeric thresholds or rigid schedules.

ASEC Weekly Report Flags Ransomware on Nova and Dark Web Code Leak Claims in South Korea

ASEC’s Ransom & Dark Web Issues report for week 3 of May 2026 details a ransomware attack on South Korean cosmetics firm Nova, alleged data leakage from an open-source visualization platform attributed to CoinbaseCartel, and claimed source-code theft and sale from a developer platform by TeamPCP, based on AhnLab TIP monitoring.

YellowKey Exploit Exposes TPM-Only BitLocker Gaps in Modern Windows Systems

Microsoft issued a mitigation for CVE-2026-45585 (YellowKey), a zero-day BitLocker bypass allowing physical-access attackers to trigger an unrestricted shell in WinRE via USB-delivered FsTx files and CTRL key input. The flaw affects Windows 11 versions 24H2, 25H2, 26H1 and Windows Server 2025, revealing a critical limitation in TPM-only encryption that requires multi-factor pre-boot authentication to fully mitigate.

Build an East Asia AI security watchlist for governance teams using Nogosee’s tracker

Governance, risk, and AI platform teams can use Nogosee’s East Asia Cyber & AI Risk Tracker to build a structured watchlist for monitoring AI security signals across Taiwan, Japan, Korea, China, Singapore, Philippines, and Thailand. This workflow outlines repeatable steps for signal discovery, filtering, validation, and operational use—without relying on breaking news or speculative thresholds.

MolTrust: W3C-Verifiable-Credential Trust Infrastructure for Autonomous Agents Deployed at Scale

MolTrust implements a production trust infrastructure for autonomous AI agents using W3C Verifiable Credentials and DIDs, with 69,000 bots processing 165 million transactions worth $50M USDC on Base Layer 2 since March 2026, featuring kernel-level authorization enforcement and cross-protocol interoperability.