Data / Tool
Open the risk workbench
Search records, inspect source links, compare priority, export capped samples, and check source freshness before deciding what deserves deeper review.
Convergence of Human and System Vulnerabilities: Analyzing ‘Copy Fail’ and Recent Japanese Security Breaches
Recent high-profile security incidents involving Hatena and Money Forward, combined with the discovery of the ‘Copy Fail’ Linux kernel vulnerability (CVE-2026-31431), highlight a dangerous trend where attackers combine social engineering with local system exploits to bypass traditional network defenses.
Passkeys and SSO Adoption Drive First Decline in Managed Password Volume Since 2020
A 2026 study by NordPass reveals that the average number of managed passwords per user has decreased to 120, marking a reversal of a multi-year growth trend. The shift is attributed to the rise of passkeys, biometric authentication, and Single Sign-On (SSO) platforms, signaling a transition toward passwordless infrastructure.
Japan’s SCS Evaluation System Shifts Toward Continuous Security Operations and Workforce Frameworks
Japan is implementing a new Supply Chain Cybersecurity (SCS) Evaluation System that prioritizes continuous operational maintenance over one-time audits, requiring organizations to integrate annual inspections and specialized personnel frameworks into their core business processes.
Google Identifies AI-Generated Zero-Day Exploits and Autonomous Malware Operations
Google’s Threat Intelligence Group (GTIG) has revealed that state-sponsored actors from China, North Korea, and Russia are increasingly integrating generative AI to discover zero-day vulnerabilities, automate malware generation, and conduct large-scale disinformation campaigns.
Google Identifies First Cases of AI-Driven Zero-Day Exploitation by Threat Actors
Google’s Threat Intelligence Group (GTIG) has reported the first observed instances of hackers using AI to discover zero-day vulnerabilities and generate exploit tools for large-scale attacks. The activity involved several notorious hacking groups collaborating to bypass two-factor authentication (2FA) in open-source network management tools.
Wistron Accelerates Blue Team Response from Hours to Minutes via Generative AI Integration
At the 2026 CYBERSEC Taiwan conference, high-tech manufacturer Wistron revealed how its security operations center (SOC) successfully integrated generative AI to reduce incident analysis time from 15 minutes to 1 minute and overall response times from hours to under 10 minutes, achieving a 97.5% accuracy rate in threat detection.
PCPJack Malware Framework Targets Cloud Infrastructure while Displacing Rival Threat Group
Security researchers have identified a new cloud-native malware framework, PCPJack, which specializes in credential theft across Docker, Kubernetes, and Redis environments. Uniquely, the framework actively removes tools associated with the TeamPCP (PCPcat) threat group, suggesting a possible internal rift or turf war over compromised cloud assets.
Taiwan FSC Unveils Post-Quantum Cryptography Migration Guidelines for Financial Sector
Taiwan’s Financial Supervisory Commission (FSC) has announced a new roadmap for financial cybersecurity resilience, focusing on the ‘AI Vulnerability Storm’ and the transition to Post-Quantum Cryptography (PQC). The commission is set to release a formal PQC migration guide to prepare the industry for ‘Y2Q’ risks by 2029.
SAP Patches Critical Vulnerabilities in S/4HANA and Commerce Cloud with CVSS 9.6 Ratings
SAP has released its May 2026 security updates, addressing 15 vulnerabilities including two critical flaws in S/4HANA and Commerce Cloud that could lead to unauthorized data access and remote code execution.
Coupang Launches Taiwan’s First Public Bug Bounty Program Amid Regional Trust Rebuilding Efforts
Coupang Taiwan has announced a strategic partnership with HackerOne to launch the nation’s first public bug bounty program, marking a significant shift toward open security validation following a 2025 data breach that impacted 200,000 Taiwanese customers.