11 reports
Recent reports highlight critical vulnerabilities across enterprise platforms and severe supply chain attacks. Malicious groups continue to target telecommunications companies and exploit weaknesses, requiring immediate security updates.
China-linked espionage targets Philippine infrastructure while AI-generated scams and illegal text blasters exploit local trust. Meanwhile, the Instructure breach exposed data of thousands of institutions, and cascading supply chain attacks continue to compromise major security and software vendors.
Recent incidents expose severe risks to Philippine companies from state-backed hacking groups, unverified government data breaches, and compromised third-party software. Organizations are advised to track software vulnerabilities and secure cloud configurations to prevent massive data theft.
Cyber threats in the Philippines are shifting toward human-centric manipulation. Organized syndicates now use sophisticated social engineering, such as impersonating government officials and hijacking technical platforms like Axios, to bypass automated security and compromise enterprises.
Recent supply chain attacks on widely used development tools and severe network equipment vulnerabilities demand immediate patching. Additionally, Philippine enterprises are advised to maintain strict vigilance against persistent, state sponsored cyber espionage and data harvesting operations.
Philippine authorities are intensifying crackdowns on illegal gambling and regional scam hubs, while Meta has disabled 150,000 fraudulent accounts. Concurrently, enterprises face rising threats from APT41 espionage, sophisticated VPN phishing, and critical vulnerabilities in Microsoft and Veeam.
The Philippine government has shifted to monitoring Telegram, while the BSP proposes annual cyber self-assessments for banks. Regionally, the FBI is targeting industrialized scam hubs. Meanwhile, threat actors are weaponizing AI tools and malicious web apps to bypass enterprise defenses.
Singapore’s major telcos were targeted in a months-long espionage campaign by Chinese-linked UNC3886. Locally, phishing sites surged 423%, while state-sponsored actors are weaponizing Gemini AI to accelerate attacks. Critical flaws in Honeywell CCTVs and Windows further expand the regional risk.
Multiple ransomware groups, including Qilin and Tengu, have allegedly targeted Philippine firms like PSBank and Lenotech. Concurrently, China-linked HoneyMyte and PeckBirdy campaigns are intensifying regional espionage, while critical vulnerabilities in n8n and Microsoft Office pose risks.
The AFP is undergoing joint cyber training with Canada, while the Philippines lifted its ban on Grok AI following new safeguards. High-severity zero-days in Cisco and n8n (CVSS 10.0) demand immediate patching, as threat actors weaponize malicious browser extensions and "Reprompt" flaws.
Taiwan’s energy sector is facing 2.63 million daily intrusion attempts from Chinese-linked groups like APT41. Meanwhile, a "KimWolf" botnet has compromised 2 million Android devices, and new "ClickFix" scams use fake blue screens to trick users into manually executing malicious code.
