Security Operations Archives - Page 6 of 13

May 21, 2026 AI Security Identity & Governance Security Operations Vulnerability Intelligence

YellowKey Exploit Exposes TPM-Only BitLocker Gaps in Modern Windows Systems

Microsoft issued a mitigation for CVE-2026-45585 (YellowKey), a zero-day BitLocker bypass allowing physical-access attackers to trigger an unrestricted shell in WinRE via USB-delivered FsTx files and CTRL key input. The flaw affects Windows 11 versions 24H2, 25H2, 26H1 and Windows Server 2025, revealing a critical limitation in TPM-only encryption that requires multi-factor pre-boot authentication to fully mitigate. Read more

May 21, 2026 AI Security Cloud Security Identity & Governance Security Operations

Build an East Asia AI security watchlist for governance teams using Nogosee’s tracker

Governance, risk, and AI platform teams can use Nogosee’s East Asia Cyber & AI Risk Tracker to build a structured watchlist for monitoring AI security signals across Taiwan, Japan, Korea, China, Singapore, Philippines, and Thailand. This workflow outlines repeatable steps for signal discovery, filtering, validation, and operational use—without relying on breaking news or speculative thresholds. Read more

May 21, 2026 AI Security Cloud Security Incidents & Breaches Security Operations

UK-China Education Partnerships Expose Global Flaw in University Cybersecurity Design

A new arXiv paper reveals that stringent university cybersecurity measures—such as MFA, device compliance, and remote management—disproportionately block international students in UK-China transnational programmes due to time-zone gaps and lack of real-time IT support, exposing a critical flaw in co-located security assumptions. Read more

May 21, 2026 AI Security Cloud Security Security Operations Vulnerability Intelligence

How to Compare Taiwan, Japan, and Korea CERT Signals for One Vendor Using Nogosee’s Public Tracker

This practical tutorial guides security teams through comparing CERT and vulnerability signals across Taiwan, Japan, and Korea for a single vendor using Nogosee's East Asia Cyber & AI Risk Tracker. It provides step-by-step workflow guidance for signal discovery, inspection, and monitoring without implying real-time urgency or inventing unsupported metrics. Read more

May 20, 2026 AI Security Identity & Governance Incidents & Breaches Security Operations

MolTrust: W3C-Verifiable-Credential Trust Infrastructure for Autonomous Agents Deployed at Scale

MolTrust implements a production trust infrastructure for autonomous AI agents using W3C Verifiable Credentials and DIDs, with 69,000 bots processing 165 million transactions worth $50M USDC on Base Layer 2 since March 2026, featuring kernel-level authorization enforcement and cross-protocol interoperability. Read more

May 20, 2026 AI Security Identity & Governance Incidents & Breaches Security Operations

Taiwan Cyber Risk Signal: What Security Teams Should Monitor

Researchers developed TWGuard, an LLM safety guardrail optimized for the Taiwan linguistic context, achieving a +0.289 F1 gain over foundation models and a 94.9% reduction in false positive rate compared to the strongest baseline, demonstrating the value of linguistic context in AI safety. Read more

May 20, 2026 AI Security Identity & Governance Incidents & Breaches Security Operations

Rethinking Frontier AI Safety Cases: Lessons from Safety-Critical Industries

A new research paper argues that current AI safety case methodologies lack rigor by over-relying on alignment community approaches instead of established safety assurance practices from aerospace, nuclear, and automotive sectors, proposing a stronger framework grounded in decades of safety-critical system validation. Read more

May 20, 2026 AI Security Cloud Security Security Operations Vulnerability Intelligence

Weaponization of CVE-2026-42945: NGINX Rewrite Module Vulnerability Under Active Exploitation

A critical security flaw impacting NGINX Plus and NGINX Open Source, tracked as CVE-2026-42945, has transitioned from public disclosure to active exploitation in the wild. The vulnerability is a heap buffer overflow within the ngx_http_rewrite_module that allows unauthenticated attackers to trigger worker process crashes (denial-of-service) or potentially achieve remote code execution (RCE) via crafted HTTP requests. While RCE is largely mitigated by Address Space Layout Randomization (ASLR), honeypot data confirms threat actors are already weaponizing the flaw to disrupt services. This exploitation coincides with a cluster of attacks targeting openDCIM infrastructure management software, reportedly utilizing AI-assisted vulnerability discovery tools. F5 has released patches, and immediate updates are recommended for all NGINX deployments within the affected version range (0.6.27 to 1.30.0). Read more

May 19, 2026May 19, 2026 Cloud Security Incidents & Breaches Security Operations Vulnerability Intelligence

Taiwan April 2026 Public Cyber Signals: Listed-Company Incident Disclosures in Context

Nogosee monitored 13 Taiwan listed-company cyber incident disclosures in April 2026. The cleaned month is incident-only: 13 incident records, 0 governance records, and 0 procurement records. This is a MOPS incident-disclosure snapshot for analyst workflow use, not a complete census of Taiwan cyber activity. Read more

May 19, 2026 AI Security Identity & Governance Incidents & Breaches Security Operations

Thai National ID Exposure Reveals Government Data Governance Gaps

A research study identified over 1.2 million exposed Thai National Identification Numbers via search engines, with most originating from government websites, highlighting systemic data protection failures in public sector digital systems. Read more