See the no-go signals before they become incidents.
Recent high-profile security incidents involving Hatena and Money Forward, combined with the discovery of the 'Copy Fail' Linux kernel vulnerability (CVE-2026-31431), highlight a dangerous trend where attackers combine social engineering with local system exploits to bypass traditional network defenses. Read more
Google's Threat Intelligence Group (GTIG) has revealed that state-sponsored actors from China, North Korea, and Russia are increasingly integrating generative AI to discover zero-day vulnerabilities, automate malware generation, and conduct large-scale disinformation campaigns. Read more
Google's Threat Intelligence Group (GTIG) has reported the first observed instances of hackers using AI to discover zero-day vulnerabilities and generate exploit tools for large-scale attacks. The activity involved several notorious hacking groups collaborating to bypass two-factor authentication (2FA) in open-source network management tools. Read more
SAP has released its May 2026 security updates, addressing 15 vulnerabilities including two critical flaws in S/4HANA and Commerce Cloud that could lead to unauthorized data access and remote code execution. Read more
TWCERT/CC published a TVN advisory for a critical stack-based buffer overflow in ShangShang Technology’s EHG2408 series Ethernet switches. The flaw (CVE-2026-3823, CVSS 9.8) is reachable over the network without authentication and could allow remote attackers to hijack execution flow and run arbitrary code. Affected users are advised to upgrade to firmware v3.36 or later. Read more
Taiwan’s TWCERT/CC published a high-severity vulnerability notice for the D-Link DWM-222W Wi‑Fi 6 USB mobile network adapter/modem. The issue allows an unauthenticated attacker on the same network domain to bypass login attempt limits, enabling brute-force attempts that could lead to device control. D-Link firmware 1.02.00 and later is listed as the fix. Read more
TWCERT/CC disclosed three vulnerabilities affecting WeiQiao Information’s “Single Sign-On and Electronic Directory Service System” (單一簽入暨電子目錄服務系統). Two medium-severity issues are open redirect (CVE-2026-3824) and reflected XSS (CVE-2026-3825), both described as exploitable by authenticated remote attackers via user interaction. A critical issue, CVE-2026-3826 (CVSS 9.8), is a local file inclusion flaw described as exploitable by an unauthenticated remote attacker and could enable server-side arbitrary code execution. TWCERT/CC recommends upgrading to IFTOP_P4_181 or later; versions before IFTOP_P4_181 are affected. Read more
TWCERT/CC published a Taiwan Vulnerability Note (TVN-202604011) detailing two vulnerabilities affecting Herlin Digital Technology’s AVACAST for Windows versions 5.10.10.43 and earlier. The issues—DLL hijacking (CVE-2026-7279, CVSS 7.8 High) and an unquoted service path (CVE-2026-7280, CVSS 6.7 Medium)—could allow authenticated local attackers (and in the second case, a local admin) to execute code with SYSTEM privileges. TWCERT/CC recommends updating to AVACAST 5.10.10.45 or later. Read more
TWCERT/CC disclosed a critical “Missing Authentication” vulnerability in Chunghwa Long Network’s GCB/FCB government/financial cybersecurity configuration audit software. The issue allows a remote, unauthenticated attacker to use an API function to create a new administrator-privileged account. Affected deployments are versions prior to 20260108; users are advised to upgrade to 20260108 or later. Read more
Microsoft’s May 12, 2026 Patch Tuesday release disclosed 137 CVEs across Microsoft products (down from 165 the prior month, per iThome). Including third‑party component fixes Microsoft shipped, the total reaches 265 vulnerabilities. iThome highlights 13 vulnerabilities Microsoft assessed as more likely to be targeted by attackers; most are elevation-of-privilege issues across Windows components, plus two Word remote code execution bugs. Four of the 13 are rated Critical, and the highest CVSS score called out is 9.1 for a Microsoft Single Sign-On (SSO) plugin used with Jira and Confluence. Read more