Track East Asia cyber, AI, cloud, and infrastructure risk before it becomes an incident.
MCPThreatHive is an open-source platform that automates MCP threat intelligence through continuous data collection, AI-driven extraction, and a unified taxonomy of 38 threat patterns mapped to STRIDE and OWASP frameworks, addressing gaps in compositional attack modeling and continuous monitoring. Read more
This checklist guides analysts in extracting actionable intelligence from public cyber incident disclosures using Nogosee’s East Asia Cyber & AI Risk Tracker. It outlines steps for identifying source wording, affected entities, sectors, uncertainty levels, response status, and watchlist follow-up, with clear ownership, decision criteria, and escalation paths for security and operations teams. Read more
Microsoft issued a mitigation for CVE-2026-45585 (YellowKey), a zero-day BitLocker bypass allowing physical-access attackers to trigger an unrestricted shell in WinRE via USB-delivered FsTx files and CTRL key input. The flaw affects Windows 11 versions 24H2, 25H2, 26H1 and Windows Server 2025, revealing a critical limitation in TPM-only encryption that requires multi-factor pre-boot authentication to fully mitigate. Read more
CVE-2026-45829 in ChromaDB’s Python FastAPI server allows unauthenticated remote code execution by executing malicious models from Hugging Face before authentication verification, affecting an estimated 73% of exposed instances and posing significant risk to agentic AI deployments reliant on dynamic model loading. Read more
GovCERT.HK's High Threat Security Alert (A26-05-36) confirms active exploitation of CVE-2026-42945, a denial-of-service and remote code execution vulnerability in Nginx, affecting stable versions prior to 1.30.1 and mainline prior to 1.31.0. The alert references six CVEs spanning memory safety, input validation, and configuration flaws, with potential impacts including full system compromise, service disruption, and data exfiltration. Given Nginx's pervasive role as a reverse proxy, load balancer, and ingress controller in enterprise, cloud, and containerized environments, the vulnerability presents a critical initial access vector for threat actors. Immediate patching is urged, with defenders advised to verify patch status across public-facing, internal, and cloud-deployed instances while monitoring for exploit indicators in logs and network traffic. Read more
This practical tutorial guides security teams through comparing CERT and vulnerability signals across Taiwan, Japan, and Korea for a single vendor using Nogosee's East Asia Cyber & AI Risk Tracker. It provides step-by-step workflow guidance for signal discovery, inspection, and monitoring without implying real-time urgency or inventing unsupported metrics. Read more
A critical security flaw impacting NGINX Plus and NGINX Open Source, tracked as CVE-2026-42945, has transitioned from public disclosure to active exploitation in the wild. The vulnerability is a heap buffer overflow within the ngx_http_rewrite_module that allows unauthenticated attackers to trigger worker process crashes (denial-of-service) or potentially achieve remote code execution (RCE) via crafted HTTP requests. While RCE is largely mitigated by Address Space Layout Randomization (ASLR), honeypot data confirms threat actors are already weaponizing the flaw to disrupt services. This exploitation coincides with a cluster of attacks targeting openDCIM infrastructure management software, reportedly utilizing AI-assisted vulnerability discovery tools. F5 has released patches, and immediate updates are recommended for all NGINX deployments within the affected version range (0.6.27 to 1.30.0). Read more
Use Nogosee's public tracker to assess East Asia vulnerability signals by verifying asset exposure, supplier impact, exploitability evidence, business ownership, compensating controls, and monitoring needs before escalation. Read more
Nogosee monitored 13 Taiwan listed-company cyber incident disclosures in April 2026. The cleaned month is incident-only: 13 incident records, 0 governance records, and 0 procurement records. This is a MOPS incident-disclosure snapshot for analyst workflow use, not a complete census of Taiwan cyber activity. Read more
A practical workflow for security teams to efficiently triage East Asia cyber and AI risk signals using Nogosee’s public tracker, focusing on filtering, ranking, and decision-making without hard thresholds or numeric claims. Read more