Cloud Security, Identity & Governance, Incidents & Breaches, Security Operations

UNC5537’s Snowflake data-theft campaign made SaaS identity controls a first-order data platform risk

Mandiant (Google Cloud) reported a financially motivated cluster, UNC5537, systematically accessing Snowflake customer instances using stolen credentials—then stealing data and pursuing extortion and resale. Mandiant says it found no evidence the activity originated from a breach of Snowflake’s own enterprise environment; incidents it investigated traced back to compromised customer credentials, often sourced from historical infostealer infections dating to 2020. The campaign’s success, per Mandiant, was strongly associated with missing MFA, long-lived unrotated credentials, and lack of network allow lists—shifting the security conversation from “SaaS breach” to “identity hygiene as data-platform blast radius.”


AI Infrastructure Risk, AI Security, Cloud Security, Identity & Governance

AWS frames “AI sovereignty” as control-and-choice across the AI stack, highlighting Nitro isolation, Bedrock data-use commitments, and sovereign deployment options

In a Security Blog post, AWS outlines how it approaches “AI sovereignty” as an extension of digital sovereignty, centered on data sovereignty (including residency and operator access restrictions) and operational sovereignty (including resilience and independence). AWS positions its sovereignty offering as “control and choice” across the AI stack—deployment location options (including on-premises and isolated deployments), model/service selection, and governance controls. The post highlights AWS Nitro System isolation properties for EC2 instances (including AI accelerator instances) and a commitment that Amazon Bedrock customer inputs/outputs are not used to train Amazon Nova or third-party models, and it references third-party validation of Nitro’s design by NCC Group. AWS also notes its ISO/IEC 42001 accredited certification coverage for certain AI services and a 2025 surveillance audit with no findings, framing these as assurance mechanisms for customers with sovereignty and compliance requirements.
