Track East Asia cyber, AI, cloud, and infrastructure risk before it becomes an incident.
Researchers developed TWGuard, an LLM safety guardrail optimized for the Taiwan linguistic context, achieving a +0.289 F1 gain over foundation models and a 94.9% reduction in false positive rate compared to the strongest baseline, demonstrating the value of linguistic context in AI safety. Read more
A new research paper argues that current AI safety case methodologies lack rigor by over-relying on alignment community approaches instead of established safety assurance practices from aerospace, nuclear, and automotive sectors, proposing a stronger framework grounded in decades of safety-critical system validation. Read more
A research study identified over 1.2 million exposed Thai National Identification Numbers via search engines, with most originating from government websites, highlighting systemic data protection failures in public sector digital systems. Read more
Global security teams can monitor Japanese product vulnerabilities and supplier risk by using the JVN feed as a primary source. This guide outlines concrete steps for tracking exposure, assessing patch urgency, and managing cross-border risk without requiring numeric thresholds or fixed review cadences. Read more
Fujitsu Japan's Musetheque V4 Information Disclosure for IPKNOWLEDGE contains multiple vulnerabilities, including XSS (CVE-2026-24662) and CSRF (CVE-2026-28761), allowing attackers to execute arbitrary scripts or perform unintended actions via crafted files or pages when users are logged in. Fixes are available in revision rev2603.1. Read more
Experts at Taiwan Cybersecurity Conference highlight that the greatest obstacle in multinational cybersecurity governance is not technology, but cultural and cognitive misalignment across teams, requiring deliberate alignment on risk understanding, roles, and communication to overcome interpretation gaps and differing workplace norms. Read more
In April 2026, Trojan malware accounted for 47% of phishing email attachments in South Korea, followed by phishing payloads at 39%, according to ASEC analysis. Attackers used social engineering lures like fake tax invoices and logistics notifications, with Trojans often delivered via double-extension files and phishing via HTML spoofs. The share of phishing malware rose from 21% to 39% month-over-month. Read more
A research paper reports that more than 1.2 million Thai National Identification Numbers were exposed through pages indexed by search engines. This Nogosee research digest translates the paper abstract into English context, links the full paper, and explains the operational relevance for privacy, identity, government web governance, and East Asia risk monitoring. Read more
In March 2026, a Japanese automaker suffered a personal data breach via unauthorized external access, while INC Ransom targeted a South Korean steel manufacturer in a ransomware attack. Simultaneously, the administrator of the LeakBase dark web forum was arrested in Russia. These incidents underscore ongoing cyber risks to manufacturing sectors in Japan and South Korea, with implications for supply chain security and threat actor infrastructure disruption. Read more
ASEC reports three new ransomware variants—TiMC, BlackWater, and Lamashtu—alongside NoName05716’s claimed DDoS attacks on South Korean public and private entities and the VECT·TeamPCP campaign targeting a Dutch travel booking platform via social engineering. Read more