Track East Asia cyber, AI, cloud, and infrastructure risk before it becomes an incident.
Taiwan's TWCERT/CC has disclosed two high-severity security vulnerabilities affecting SunNet's Corporate Training Management System (CTMS) and Corporate Appraisal Performance System (CAPS). These flaws include a SQL injection vulnerability and an arbitrary file upload weakness that could lead to full system compromise. Read more
Adobe released its May routine security updates addressing 52 vulnerabilities across 10 application systems, with a particular emphasis on critical patches for the Adobe Commerce (Magento) e-commerce platform and high-risk flaws in Adobe Connect. Read more
TWCERT/CC published a Taiwan Vulnerability Note (TVN-202604004) for two vulnerabilities affecting Yuqi Digital Technology’s a+HRD product in versions 7.1 and earlier. The issues—SQL injection (CVE-2026-6833) and missing authorization (CVE-2026-6834)—could allow an authenticated remote attacker to read database contents. TWCERT/CC advises upgrading to a patched release referenced by the vendor’s security notice. Read more
Taiwan’s TWCERT/CC published a vulnerability note for an insecure deserialization flaw in Gigabyte Control Center’s Performance Library component. The issue (CVE-2026-4416, CVSS 7.8 High) could allow a locally authenticated attacker to send a crafted serialized payload to the EasyTuneEngine service and escalate privileges. Gigabyte’s advised fix is to update Performance Library to version 25.12.31.01 or later. Read more
Taiwan’s TWCERT/CC disclosed two high-severity vulnerabilities affecting ThreatSonar Anti-Ransomware versions earlier than 4.0.0: an arbitrary file deletion issue via path traversal (CVE-2026-5966) and a privilege escalation flaw enabling OS command injection executed as root (CVE-2026-5967). Both issues require authentication and specific operational access (web or shell). TWCERT/CC recommends installing the vendor patch identified as version 20260302. Read more
TWCERT/CC published TVN-202604003 detailing two vulnerabilities in Openfind’s MailGates/MailAudit email security/audit products. One issue (CVE-2026-6350) is a critical stack-based buffer overflow rated 9.8 that could allow unauthenticated remote code execution. The second (CVE-2026-6351) is a high-severity CRLF injection rated 7.5 that could allow unauthenticated access to system files. Openfind’s technical team reported the issues; updates are available for affected versions. Read more
TWCERT/CC published a critical vulnerability notice for NewSoftOA, an office automation product from NewSoft (力新國際). The issue, tracked as CVE-2026-5965 and TVN-202604008, is an OS command injection flaw with a CVSS 3.1 score of 9.8. TWCERT/CC recommends upgrading to NewSoftOA 10.1.8.3 or later to address the risk. Read more
Taiwan’s national CERT (TWCERT/CC) reports an active social-engineering campaign that combines legitimate Microsoft 365 email accounts, near-typosquat domains, and short-term SSL certificates to bypass email and web defenses. The activity includes two waves: (1) broad phishing emails themed as “Microsoft account abnormal sign-in activity” and (2) targeted spear-phishing that repeatedly sends “Microsoft one-time code” lures to create urgency before delivering an “abnormal sign-in” message. A notable tactic described by TWCERT is URL-pattern-based gating: victims who match attacker-defined URL rules see a customized phishing page that harvests credentials, while non-matching visitors are redirected to a legitimate login page—reducing detection and increasing credibility. Read more
Taiwan’s TWCERT/CC issued an urgent alert citing SecurityScorecard’s STRIKE team research into “Operation WrtHug,” a sustained campaign targeting ASUS small office/home office routers worldwide. The activity is reported to abuse known, publicly disclosed OS command-injection vulnerabilities—including issues referenced alongside CVE-2023-39780—focused on the AiCloud service. TWCERT/CC says compromised routers may be backdoored and incorporated into a large global infected network used for follow-on cyber threat activity and espionage, with STRIKE reporting identification of more than 50,000 infected IP devices over the past six months. The advisory urges immediate firmware updates, replacement of end-of-life (EoL) models that cannot be patched, and consultation of ASUS product security advisories for official mitigation steps. Read more
Taiwan’s TWCERT/CC is urging organizations to urgently patch a high-severity Windows Server Update Services (WSUS) vulnerability, CVE-2025-59287 (CVSS 9.8), after U.S. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog and Dutch NCSC-NL also confirmed real-world exploitation. The flaw enables unauthenticated remote code execution as SYSTEM via a deserialization trigger, but only impacts Windows Server systems where the WSUS server role is enabled. TWCERT/CC also cited Huntress reporting attacker scanning for exposed WSUS ports 8530/8531 and delivering malicious requests, with post-exploitation activity potentially involving PowerShell-based payload execution and data discovery/exfiltration. Read more