East Asia Cyber & AI Risk Tracker

Signal Database

East Asia Cyber & AI Risk Tracker

Search structured signals first, then open briefs, exports, or public-source records when a signal deserves deeper review.

1

Search A Task

Start with a country, CVE, company, sector, source family, or threat theme such as ransomware, JVN, KrCERT, procurement, or AI security.

2

Inspect Signals

Open source-linked records, compare priority, check dates, and use the related collection pages when a record needs context.

3

Export Or Monitor

Use capped CSV, indicator CSV, RSS, copyable briefs, and local watchlists for repeat workflow use. Larger data access uses the request form.

A

Who This Helps

Security, cloud, governance, supplier-risk, and research teams that need English access to East Asia public cyber, AI, cloud, incident, procurement, and CERT signals.

B

How To Verify

Treat Nogosee as a monitoring layer: open the linked source, compare nearby tracker records, and check methodology and update cadence before making operational decisions.

C

Public Boundary

Public search, CSV, RSS, and topic pages are capped samples. Full feeds, historical exports, and custom monitoring remain request-only, and private query logic is not published.

Live Database Proof

The tracker is backed by structured public records before any article is written.

This server-rendered proof uses the public-signal summary first, so crawlers, screenshots, and no-JavaScript checks can see that the database is alive.

2,768Total public records
1,689Taiwan/Japan/Korea records
10/10Core source families
206Added or seen in 24h

Latest database activity 2026-07-08 17:17. Snapshot generated 2026-07-08 20:00. Capped public exports prove workflow fit; full feeds and historical access remain request-only.

Dashboard Lens

Regional risk and workflow queue

Use this snapshot to decide whether to start with country monitoring, CVE triage, ransomware watch, cloud/identity review, or API/export evaluation.

Live facets load after search
Regional heat
Global242
Taiwan38
Korea32
Japan20
Hong Kong7
Watch-first queue
  1. A Practical Workflow for East Asia vulnerability signal triage questions for platform teamsGlobal / Security
  2. A Practical Workflow for Maintain an 'evidence ladder' for East Asia cyber signalsGlobal / Security
  3. A Practical Workflow for Use CISA KEV as a secondary cross-check for East Asia vulnerability signalsGlobal / Security
  4. A Practical Workflow for Questions to ask when a Korea KrCERT notice lists multiple affected productsGlobal / Security
Workflow mix
Security 318Policy 10Supply Chain 4Product 4Partnership 2Other 1
30-day trend

133 signals across 24 active days.

Vulnerability / CVE pulse
14Matching records
8High priority
13Fresh / recent
Global 12Japan 1Hong Kong 1

Review high-priority and fresh records before export.

Open vulnerability/CVE query
Ransomware pulse
3Matching records
2High priority
2Fresh / recent
Global 3

Review high-priority and fresh records before export.

Open ransomware/extortion query
Ready. Search the database or choose a preset to refresh the results below.
Active filters All public signals
Export CSV Indicator CSV RSS alert feed Share query on X 0 selected for comparison
Signal results 30 results
globalmediumsecurity

A Practical Workflow for East Asia vulnerability signal triage questions for platform teams

A Practical Workflow for East Asia vulnerability signal triage questions for platform teams helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Maintain an 'evidence ladder' for East Asia cyber signals

A Practical Workflow for Maintain an 'evidence ladder' for East Asia cyber signals helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Use CISA KEV as a secondary cross-check for East Asia vulnerability signals

A Practical Workflow for Use CISA KEV as a secondary cross-check for East Asia vulnerability signals helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Questions to ask when a Korea KrCERT notice lists multiple affected products

A Practical Workflow for Questions to ask when a Korea KrCERT notice lists multiple affected products helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Build a vendor exposure map from East Asia CERT feeds

A Practical Workflow for Build a vendor exposure map from East Asia CERT feeds helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for What makes an East Asia AI incident 'publishable' vs 'monitor-only'

A Practical Workflow for What makes an East Asia AI incident 'publishable' vs 'monitor-only' helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for SLSA questions to ask when a supplier claims 'secure build pipeline'

A Practical Workflow for SLSA questions to ask when a supplier claims 'secure build pipeline' helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Map AI misuse and model abuse signals to MITRE ATLAS without hype

A Practical Workflow for Map AI misuse and model abuse signals to MITRE ATLAS without hype helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Use NIST AI RMF to structure an AI security watchlist

A Practical Workflow for Use NIST AI RMF to structure an AI security watchlist helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

japanmediumsecurity

Path Traversal Vulnerability in Apache Jena Fuseki Admin Interface

A path traversal flaw in Apache Jena Fuseki versions prior to 5.5.0 allows authenticated administrative users to write arbitrary TTL files outside the server directory via the admin UI, tracked as CVE-2025-49656 with CVSS scores of 5.1 (CVSS 4.0) and 2.7 (CVSS 3.0).

Apache Software Foundation
cybersecuritysemantic websoftware
Apache JenaCVE-2025-49656CWE-22Fuseki

Primary source

globalmediumsecurity

A Practical Workflow for Build a Hong Kong cloud/identity watchlist from GovCERT.HK alerts

A Practical Workflow for Build a Hong Kong cloud/identity watchlist from GovCERT.HK alerts helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Turn Korea KISA/KrCERT notices into an internal patch-SLA queue

A Practical Workflow for Turn Korea KISA/KrCERT notices into an internal patch-SLA queue helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for What to extract from a ransomware leak post without amplifying it

A Practical Workflow for What to extract from a ransomware leak post without amplifying it helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Minimum fields to capture for a CVE watchlist entry

A Practical Workflow for Minimum fields to capture for a CVE watchlist entry helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Use the CISA KEV catalog to build an East Asia supplier patch watchlist

A Practical Workflow for Use the CISA KEV catalog to build an East Asia supplier patch watchlist helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalhighsecurity

Ghost Traffic: ICMP Tunneling Enables LTE Billing Bypass Without Root Access

A research paper demonstrates how Android's default ICMP socket access combined with ISP billing policies that exclude ICMP traffic enables end-to-end data tunneling via VpnService, bypassing LTE billing and QoS throttling in six of seven tested ISP environments across South Korea, Japan, and the U.S.

cybersecurity researchmobile securitytelecommunications
Android VpnServiceGhost TrafficGhost Traffic: ICMP Tunneling-Based Billing Bypass in LTE NetworksICMP tunneling

Primary source

globalmediumsecurity

A Practical Workflow for How to score East Asia public signals before writing an article

A Practical Workflow for How to score East Asia public signals before writing an article helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Build a supplier-risk question set from East Asia public records

A Practical Workflow for Build a supplier-risk question set from East Asia public records helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalmediumsecurity

A Practical Workflow for Critical-infrastructure signals worth adding to a regional risk brief

A Practical Workflow for Critical-infrastructure signals worth adding to a regional risk brief helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims.

cloud infrastructuregovernmentsecurity operations
East Asia cyber riskcontinuity monitoringsource verificationworkflow

Primary source

globalhighsecurity

Nissan Employee Data Breach Highlights Systemic Risk in Oracle PeopleSoft in Oracle PeopleSoft Zero-Day Campaign

Nissan disclosed a data breach affecting current and former employees across North and South America after threat actors exploited CVE-2026-35273, a zero-day vulnerability in Oracle PeopleSoft PeopleTools, in a campaign linked to ShinyHunters that compromised over 300 instances across 100 organizations, primarily in education, between May 27 and June 9, 2026.

NissanOracleShinyHunters
automotivehuman resourcesinformation technology
CVE-2026-35273HR systemsOracle PeopleSoftShinyHunters

Primary source

globalhighsecurity

Active Exploitation of Oracle E-Business Suite CVE-2026-46817 Highlights Critical Patch Delay Risks

Attackers are actively exploiting CVE-2026-46817, a critical unauthenticated remote code execution flaw in Oracle E-Business Suite's Payments module, with Defused observing real-world exploitation over the weekend and Shadowserver tracking over 450 exposed instances globally. Oracle patched the vulnerability in its May 2026 CPU but warns unpatched systems remain at risk.

CISADefusedOracle
cloud infrastructureenterprise softwarefinancial systems
CVE-2026-46817Oracle E-Business Suitepatch managementthreat intelligence

Primary source

globalhighsecurity

Infoblox Finds 236,000+ DCloud Uni-App Sites Used in Global Crypto Scams and Phishing

Infoblox identified over 236,000 websites using DCloud Uni-App templates for cryptocurrency scams, phishing, and wallet drainers, with evidence of centralized template distribution and widespread use of legitimate cloud hosting to evade detection.

Alibaba CloudAmazon Web ServicesCTG Server Limited
application developmentcloud infrastructurecryptocurrency
DCloud Uni-AppInfobloxbulletproof hostingcrypto fraud

Primary source

hong_konghighsecurity

GovCERT.HK Issues High Threat Alert for Linux Kernel Privilege Escalation Flaws

GovCERT.HK has issued a High Threat Security Alert (A26-06-45) for two elevation-of-privilege vulnerabilities in the Linux kernel—DirtyClone (CVE-2026-43503) and pedit COW (CVE-2026-46331)—with public PoC exploits available, allowing local unprivileged users to gain root access on affected systems.

cloud infrastructureenterprise ITgovernment
CVE-2026-43503CVE-2026-46331DirtyCloneGovCERT.HK

Primary source

koreahighsecurity

AhnLab Details May 2026 Korean APT Campaigns Using LNK Files and Living-off-the-Land Techniques

AhnLab’s May 2026 report identifies spear phishing with malicious LNK files as the dominant APT infection vector in South Korea, detailing six attack types that abuse PowerShell, curl.exe, and legitimate Windows tools to deploy info-stealers, keyloggers, and backdoors via GitHub and Google Drive, while also noting CHM and JSE-based variants using regsvr32 and certutil for evasion.

AhnLab
cybersecuritytechnology
APTBackdoorCHMGitHub

Primary source

globalhighsecurity

CISA KEV Addition of PTC Windchill RCE Flaw Exposes Gaps in Enterprise Patch Timelines

CISA’s inclusion of CVE-2026-12569 in the KEV catalog confirms active exploitation of a critical deserialization flaw in PTC Windchill PDMlink and FlexPLM, with attackers deploying JSP web shells for persistence. Despite patches released the prior week, continued threat activity highlights systemic delays in enterprise patch deployment and detection coverage for specialized PLM systems.

CISAPTC
cybersecurityenterprise softwareproduct lifecycle management
CISA KEVCVE-2026-12569PLM softwareWindchill

Primary source

globalhighsecurity

DirtyClone Linux Kernel Flaw Enables Root Escalation via Cloned Network Packets

CVE-2026-43503 (CVSS 8.8) allows local users to gain root by corrupting file-backed memory through cloned network packets, exploiting a missing shared-frag flag in kernel packet handling. The flaw affects multi-tenant systems where unprivileged namespaces are enabled, including CI runners and Kubernetes clusters. A patch was merged in Linux v7.1-rc5 on May 21, 2026.

JFrog Security Research
cloud infrastructurecybersecurityoperating systems
CVE-2026-43503DirtyCloneDirtyFragIPsec

Primary source

globalhighsecurity

Critical OS Command Injection and File Upload Flaws in H.VIEW HV-500S6 IP Cameras

Two high-severity vulnerabilities in H.VIEW HV-500S6 IP cameras allow authenticated attackers to execute arbitrary code and upload malicious files via OS command injection and unrestricted file upload flaws, affecting devices worldwide with no known public exploitation reported.

CISAH.VIEWHosei University
Commercial FacilitiesIndustrial Control Systems
CVE-2026-55975CVE-2026-56414ICS AdvisoryIP Camera

Primary source

globalhighsecurity

Yokogawa FAST/TOOLS and CI Server Vulnerability Exposes Sensitive Settings via Cleartext Transmission

CISA has republished a Yokogawa security advisory detailing CVE-2026-11833, a cleartext transmission flaw in FAST/TOOLS and CI Server that could leak sensitive configuration data. Affected versions include FAST/TOOLS >=R9.01 and CI Server >=R1.01, with CVSS scores up to 8.2. No public exploitation has been reported, but the vulnerability poses risk to critical manufacturing, energy, and food and agriculture sector...

CISAJPCERT/CCYokogawa
Critical ManufacturingEnergyFood and Agriculture
CVE-2026-11833Cleartext TransmissionDefense-in-DepthICS

Primary source

globalhighsecurity

CISA Alert: Active Exploitation of Critical Lantronix EDS5000 Flaw Demands Immediate Patching

CISA has warned of active exploitation of CVE-2025-67038, a critical code injection vulnerability in Lantronix EDS5000 Series devices, requiring Federal Civilian Executive Branch agencies to apply patches by June 26, 2026. The flaw allows unauthenticated remote command execution with root privileges via the HTTP RPC module, posing significant risks to network integrity and device security.

CISAForescout Research Vedere LabsLantronix
embedded systemsindustrial control systemsnetwork security
BRIDGE:BREAKCISACVE-2025-67038FCEB

Primary source

globalhighsecurity

Operation Endgame Disrupts Amadey and StealC Malware Infrastructure, Recovers 27 Million Credentials

A coordinated international law enforcement operation, conducted between June 15–19, 2026, dismantled the criminal infrastructure supporting the Amadey and StealC malware-as-a-service networks, recovering 27 million stolen credentials, identifying and restricting $47 million in cryptocurrency assets, seizing 326 servers and 142 domains, and severing control over 18,000+ infected computers identified by Microsoft t...

BitdefenderBitsightESET
cybersecuritylaw enforcementtechnology
AmadeyC2 infrastructureOperation EndgameStealC

Primary source

Priority Radar Ranked by freshness, importance, source signal, and operational relevance.
  1. 97
  2. 96
  3. 96
  4. 95
  5. 93
339Total Signals
285Published Briefs
142High Importance
133Recent 30D
1348143126613106761142253475
Top sectorstechnology141government123cloud infrastructure102security operations96Cybersecurity86cybersecurity54Government28Cloud Infrastructure23critical infrastructure22finance18
Top tagsworkflow97continuity monitoring88source verification88East Asia cyber risk87east-asia45tool-content42tutorial19checklist18japan17privilege escalation16
Tracker Snapshot

This summary is rendered by WordPress before browser-side API filters run, so the page remains useful even when the live signal API is slow.

Latest visible signal: A Practical Workflow for East Asia vulnerability signal triage questions for platform teams

339Tracked records
Coverage loadingSources monitored
Coverage loadingEnabled sources
Coverage loadingRecently fetched

Coverage snapshot is temporarily unavailable. The tracker still exposes methodology, RSS, CSV, and server-rendered signal cards when cached data is available.

Operational brief and triage details
Operational Brief

Scope All public signals

Latest signal 2026-07-08 - A Practical Workflow for East Asia vulnerability signal triage questions for platform teams

Signal state
  • 339 total signals
  • 285 published briefs
  • 142 high importance
Importance mix
  • Medium (197)
  • High (142)
Region mix
  • Global (242)
  • Taiwan (38)
  • Korea (32)
  • Japan (20)
Event types
  • Security (318)
  • Policy (10)
  • Supply Chain (4)
  • Product (4)
Top entities
  • Microsoft (32)
  • Google (14)
  • KISA (12)
  • CISA (9)
Top sectors
  • Technology (141)
  • Government (123)
  • Cloud Infrastructure (102)
  • Security Operations (96)
Triage Matrix
Action queue
  1. 97

    A Practical Workflow for Turn Korea KISA/KrCERT notices into an internal patch-SLA queue

    Check exposure, affected products, patch status, and official advisory details.

  2. 96

    Active Exploitation of Oracle E-Business Suite CVE-2026-46817 Highlights Critical Patch Delay Risks

    Check exposure, affected products, patch status, and official advisory details.

  3. 96

    GovCERT.HK Issues High Threat Alert for Linux Kernel Privilege Escalation Flaws

    Check exposure, affected products, patch status, and official advisory details.

  4. 95

    DirtyClone Linux Kernel Flaw Enables Root Escalation via Cloned Network Packets

    Check exposure, affected products, patch status, and official advisory details.

  5. 93

    Operation Endgame Disrupts Amadey and StealC Malware Infrastructure, Recovers 27 Million Credentials

    Compare against endpoint, identity, mail, proxy, and ticket telemetry for matching behavior.

  6. 90

    Yokogawa FAST/TOOLS and CI Server Vulnerability Exposes Sensitive Settings via Cleartext Transmission

    Check exposure, affected products, patch status, and official advisory details.

Risk mix
GlobalSecurityH 10M 17L 0
Hong KongSecurityH 1M 0L 0
KoreaSecurityH 1M 0L 0
JapanSecurityH 0M 1L 0
Coverage and methodology
Methodology

RSS and source-list items are normalized into structured signals, translated into English when needed, and enriched with entities, sectors, tags, event type, importance, timelines, and primary-source links. Low-value items can remain monitoring records instead of becoming public articles.

Freshness

Last updated Jul 8, 2026 18:37 UTC. Sources are checked on a conservative cadence, and public articles are published only after quality checks pass.

Coverage

Core focus: Taiwan, Japan, and Korea. Paused watchlist context: China, Singapore, Philippines, Thailand, and global cyber, AI, cloud, governance, observability, and security operations risk when clearly relevant.

Global 242Taiwan 38Korea 32Japan 20Hong Kong 7
English or source unknown 183En 72Traditional Chinese 38Korean 24Japanese 20Zh Hant Or Zh Hans 2