Security threats, solutions, and policy in the Asia-Pacific region
A Chinese state-sponsored group intercepted Notepad++ updates from June to December 2025, selectively targeting users through compromised hosting infrastructure. The attack exploited weak update verification in versions before 8.8.9, highlighting supply chain risks in open-source tooling - especially relevant given APAC's increasing focus on software supply chain security.
AI-enhanced floodlight cameras are showing up in APAC warehouses and office perimeters, combining 2K/4K video, motion-triggered lighting, and local storage options. The enterprise angle: data privacy concerns are pushing facilities teams toward subscription-free models as regulations tighten.
Two malicious VS Code extensions—ChatGPT 中文版 (1.34M installs) and ChatMoss (151K installs)—function as legitimate AI coding assistants while covertly transmitting entire codebases to Chinese servers. The extensions remain live in the official marketplace. Koi Security disclosed the campaign January 22.
SAST, DAST, and SCA each catch different vulnerabilities - and miss others entirely. Enterprise teams layering all three still face gaps. The real question: which combination actually reduces your risk?
A Chinese state-sponsored group intercepted Notepad++ updates from June to December 2025, selectively targeting users through compromised hosting infrastructure. The attack exploited weak update verification in versions before 8.8.9, highlighting supply chain risks in open-source tooling - especially relevant given APAC's increasing focus on software supply chain security.
AI-enhanced floodlight cameras are showing up in APAC warehouses and office perimeters, combining 2K/4K video, motion-triggered lighting, and local storage options. The enterprise angle: data privacy concerns are pushing facilities teams toward subscription-free models as regulations tighten.
Two malicious VS Code extensions—ChatGPT 中文版 (1.34M installs) and ChatMoss (151K installs)—function as legitimate AI coding assistants while covertly transmitting entire codebases to Chinese servers. The extensions remain live in the official marketplace. Koi Security disclosed the campaign January 22.
SAST, DAST, and SCA each catch different vulnerabilities - and miss others entirely. Enterprise teams layering all three still face gaps. The real question: which combination actually reduces your risk?
The Tamagotchi-looking device went viral on TikTok for fake exploits, but it's a legitimate pentesting tool that's been testing access control systems for three years. Enterprise security teams should understand what it actually does - and what it can't.
The viral AI agent that runs shell commands and accesses files locally has fundamental security gaps. Research shows 22% of enterprise OpenClaw instances are unauthorized, over half with privileged access. Cisco and Palo Alto documented data exfiltration via third-party skills.
Elon Musk's xAI ran most of 2025 with a skeleton safety crew while Grok users generated non-consensual nudes and sexualized child images at scale. The UK called it 'insulting,' the EU ordered data retention, and enterprise leaders should note: regulators are watching how AI teams staff content moderation.
Consumer security gadgets like USB data blockers ($10) and YubiKeys ($50) are increasingly marketed for enterprise travel protection. But while hardware authentication keys demonstrably reduce breach risk by 99%, USB blockers and consumer-grade trackers face questions about encryption standards and field reliability.
Cloud Security Alliance brings its international cybersecurity conference back to Uttarakhand in March, splitting focus between hands-on workshops and policy discussions. The move signals India's push to decentralize security expertise beyond metro hubs.
Security researchers documented 230 malicious OpenClaw "skills" disguised as crypto trading tools uploaded to ClawHub since late January. The extensions exploit OpenClaw's unsandboxed architecture to steal browser data and cryptocurrency information. Enterprise deployments are exposed: hundreds of instances run online without authentication.
Two infrastructure attacks this month show where OT security stands: Poland's grid held, Venezuela's didn't. The gap between attack frequency and actual impact matters more than the headlines suggest.
Internal WhatsApp logs from a Laos pig butchering compound show how forced laborers are controlled through fines and debt—while defrauding victims of millions. The leaks expose the operational reality of Southeast Asian scam operations that have become the most lucrative form of cybercrime globally.