Posted on Cloud Security Identity & Governance Incidents & Breaches Security Operations

Ransomware group “Nitrogen” claims Foxconn breach with 8TB of alleged internal data, raising supply-chain exposure questions

Taiwan’s iThome reports that ransomware operators using the “Nitrogen” name have listed Foxconn (Hon Hai Precision Industry) as a victim on a dark-web leak site, claiming they stole 8TB of data comprising about 11 million files. The actors allege the haul includes confidential orders, projects, and design sketches tied to multiple technology companies, but the report notes those partner references are not yet independently verified. The disclosure follows a widely reported early-May IT outage at Foxconn’s U.S. Wisconsin campus; Foxconn confirmed an “IT network issue” and later stated that production operations at affected North American sites remained normal after response actions were initiated. Read more

Posted on AI Infrastructure Risk Identity & Governance Incidents & Breaches Vulnerability Intelligence

Taiwan CERT warns of two local privilege escalation flaws in AVACAST for Windows (CVE-2026-7279, CVE-2026-7280)

TWCERT/CC published a Taiwan Vulnerability Note (TVN-202604011) detailing two vulnerabilities affecting Herlin Digital Technology’s AVACAST for Windows versions 5.10.10.43 and earlier. The issues—DLL hijacking (CVE-2026-7279, CVSS 7.8 High) and an unquoted service path (CVE-2026-7280, CVSS 6.7 Medium)—could allow authenticated local attackers (and in the second case, a local admin) to execute code with SYSTEM privileges. TWCERT/CC recommends updating to AVACAST 5.10.10.45 or later. Read more

Posted on Cloud Security Identity & Governance Incidents & Breaches Vulnerability Intelligence

Taiwan CERT warns of critical unauthenticated API flaw in GCB/FCB government-finance security audit software (CVE-2026-4312)

TWCERT/CC disclosed a critical “Missing Authentication” vulnerability in Chunghwa Long Network’s GCB/FCB government/financial cybersecurity configuration audit software. The issue allows a remote, unauthenticated attacker to use an API function to create a new administrator-privileged account. Affected deployments are versions prior to 20260108; users are advised to upgrade to 20260108 or later. Read more

Posted on AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

Microsoft May 2026 Patch Tuesday: 137 Microsoft CVEs disclosed; 13 flagged as likely exploitation targets

Microsoft’s May 12, 2026 Patch Tuesday release disclosed 137 CVEs across Microsoft products (down from 165 the prior month, per iThome). Including third‑party component fixes Microsoft shipped, the total reaches 265 vulnerabilities. iThome highlights 13 vulnerabilities Microsoft assessed as more likely to be targeted by attackers; most are elevation-of-privilege issues across Windows components, plus two Word remote code execution bugs. Four of the 13 are rated Critical, and the highest CVSS score called out is 9.1 for a Microsoft Single Sign-On (SSO) plugin used with Jira and Confluence. Read more

Posted on AI Infrastructure Risk Identity & Governance Incidents & Breaches Vulnerability Intelligence

Dual High-Severity Vulnerabilities Identified in SunNet Corporate Training and Performance Management Systems

Taiwan's TWCERT/CC has disclosed two high-severity security vulnerabilities affecting SunNet's Corporate Training Management System (CTMS) and Corporate Appraisal Performance System (CAPS). These flaws include a SQL injection vulnerability and an arbitrary file upload weakness that could lead to full system compromise. Read more

Posted on Cloud Security Incidents & Breaches Security Operations Vulnerability Intelligence

Taiwan CERT warns of two medium-severity a+HRD flaws enabling authenticated database read via SQL injection and missing authorization

TWCERT/CC published a Taiwan Vulnerability Note (TVN-202604004) for two vulnerabilities affecting Yuqi Digital Technology’s a+HRD product in versions 7.1 and earlier. The issues—SQL injection (CVE-2026-6833) and missing authorization (CVE-2026-6834)—could allow an authenticated remote attacker to read database contents. TWCERT/CC advises upgrading to a patched release referenced by the vendor’s security notice. Read more

Posted on AI Infrastructure Risk Identity & Governance Incidents & Breaches Vulnerability Intelligence

TWCERT warns of high-severity insecure deserialization bug in Gigabyte Control Center Performance Library (CVE-2026-4416)

Taiwan’s TWCERT/CC published a vulnerability note for an insecure deserialization flaw in Gigabyte Control Center’s Performance Library component. The issue (CVE-2026-4416, CVSS 7.8 High) could allow a locally authenticated attacker to send a crafted serialized payload to the EasyTuneEngine service and escalate privileges. Gigabyte’s advised fix is to update Performance Library to version 25.12.31.01 or later. Read more

Posted on Cloud Security Incidents & Breaches Security Operations Vulnerability Intelligence

Taiwan CERT warns of two high-severity flaws in ThreatSonar Anti-Ransomware (pre‑4.0.0)

Taiwan’s TWCERT/CC disclosed two high-severity vulnerabilities affecting ThreatSonar Anti-Ransomware versions earlier than 4.0.0: an arbitrary file deletion issue via path traversal (CVE-2026-5966) and a privilege escalation flaw enabling OS command injection executed as root (CVE-2026-5967). Both issues require authentication and specific operational access (web or shell). TWCERT/CC recommends installing the vendor patch identified as version 20260302. Read more

Posted on AI Infrastructure Risk Identity & Governance Incidents & Breaches Vulnerability Intelligence

Taiwan CERT warns of two critical MailGates/MailAudit vulnerabilities enabling unauthenticated RCE and file access

TWCERT/CC published TVN-202604003 detailing two vulnerabilities in Openfind’s MailGates/MailAudit email security/audit products. One issue (CVE-2026-6350) is a critical stack-based buffer overflow rated 9.8 that could allow unauthenticated remote code execution. The second (CVE-2026-6351) is a high-severity CRLF injection rated 7.5 that could allow unauthenticated access to system files. Openfind’s technical team reported the issues; updates are available for affected versions. Read more