Security threats, solutions, and policy in the Asia-Pacific region
Security researchers documented 230 malicious OpenClaw "skills" disguised as crypto trading tools uploaded to ClawHub since late January. The extensions exploit OpenClaw's unsandboxed architecture to steal browser data and cryptocurrency information. Enterprise deployments are exposed: hundreds of instances run online without authentication.
Two infrastructure attacks this month show where OT security stands: Poland's grid held, Venezuela's didn't. The gap between attack frequency and actual impact matters more than the headlines suggest.
Internal WhatsApp logs from a Laos pig butchering compound show how forced laborers are controlled through fines and debt—while defrauding victims of millions. The leaks expose the operational reality of Southeast Asian scam operations that have become the most lucrative form of cybercrime globally.
Chris Rebholz, who researches deepfakes professionally, still nearly hired one for a security researcher role. The incident highlights how recruitment has become an attack surface - even experts miss red flags when hiring speed trumps verification.
Security researchers documented 230 malicious OpenClaw "skills" disguised as crypto trading tools uploaded to ClawHub since late January. The extensions exploit OpenClaw's unsandboxed architecture to steal browser data and cryptocurrency information. Enterprise deployments are exposed: hundreds of instances run online without authentication.
Two infrastructure attacks this month show where OT security stands: Poland's grid held, Venezuela's didn't. The gap between attack frequency and actual impact matters more than the headlines suggest.
Internal WhatsApp logs from a Laos pig butchering compound show how forced laborers are controlled through fines and debt—while defrauding victims of millions. The leaks expose the operational reality of Southeast Asian scam operations that have become the most lucrative form of cybercrime globally.
Chris Rebholz, who researches deepfakes professionally, still nearly hired one for a security researcher role. The incident highlights how recruitment has become an attack surface - even experts miss red flags when hiring speed trumps verification.
SentinelLabs and Censys found thousands of Ollama instances running identical LLM configurations with no authentication, exposed APIs, and disabled guardrails. The monoculture setup means a single vulnerability could compromise substantial infrastructure simultaneously. Separately, Treasury terminated all Booz Allen Hamilton contracts after the firm's employee leaked 400,000+ tax records.
Microsoft shipped two emergency Windows patches in two weeks following January 2026 Patch Tuesday, fixing OneDrive crashes and shutdown failures. The pattern is clear: administrators now expect at least one OOB patch to fix what monthly updates break. This isn't agility - it's a QA problem.
Android's built-in Private DNS feature encrypts DNS queries via DNS over TLS, preventing ISP tracking and DNS spoofing. Available since Android 9, the setting remains off by default on most devices, leaving query data exposed. Three billion Android users have access to the feature, yet adoption patterns suggest enterprise configuration tools may be driving most implementations.