PSA Cyber Risk Reports


April 1, 2026

NVIDIA, a computer chip and graphics card manufacturer, released a series of patches for a vulnerability in its software suite. Identified as Common Vulnerabilities and Exposures (CVE)-2025-33244, this flaw allows threat actors to execute unauthorized commands remotely (RCE) or crash the system through Denial of Service (DoS) attacks. The vulnerability specifically targets NVIDIA’s enterprise AI …

(Member Content)
April 1, 2026

The United States Federal Communications Commission (FCC) has recently updated its “Covered List” to include all new consumer-grade routers manufactured in foreign countries, effectively banning the sale of new models in the US, citing significant national security risks. The Covered List is an FCC-maintained list of communication equipment and services that poses a risk to …

(Member Content)
April 1, 2026

Two recent supply chain attacks targeting the Axios development library and the Trivy security scanner exposed vulnerabilities across enterprise environments. These incidents highlight an escalating threat tactic where threat actors are targeting not the organizations directly, but the foundational software dependencies used by thousands of businesses globally. Library Dependency Axios Supply Chain Attack Axios, a …

(Member Content)
April 1, 2026

The United States (US) Cybersecurity Infrastructure Security Agency (CISA) released an advisory urging US federal agencies to immediately patch an actively exploited ‘insufficient input validation’ vulnerability against Citrix NetScaler appliances. Identified as Common Vulnerabilities and Exposures (CVE)-2026-3055, this flaw allows an unauthenticated, remote threat actor to steal sensitive information directly from the appliance’s memory. Citrix …

(Member Content)
April 1, 2026

The United States Federal Bureau of Investigation (FBI) has issued an alert regarding Handala, a threat actor group reportedly linked to Iran’s Ministry of Intelligence and Security (MOIS), which has been using Telegram-based malware targeting civilians, journalists, and dissidents. Unlike conventional military cyber threats, the operations focus on civilian devices and commercial networks, posing significant …

(Member Content)
April 1, 2026

Ubiquiti, a known network device manufacturer, disclosed a maximum severity path traversal vulnerability in its UniFi network management software. Identified as Common Vulnerabilities and Exposures (CVE)-2026-22557, this flaw requires minimal effort by threat actors to remotely compromise a network. UniFi platforms are widely adopted for their centralized management ecosystem (UniFi OS) which offers enterprise-grade control …

(Member Content)

April 1, 2026

Oracle, a technology company providing cloud infrastructure, database management, and software development services, released a patch for a remote code execution (RCE) vulnerability in its Identity Manager and Web Services Manager platform. Identified as Common Vulnerabilities and Exposures (CVE)-2026-21992, the flaw, when successfully exploited, gives a threat actor unauthenticated remote code access to the compromised …

(Member Content)

April 1, 2026

The United States (US) Cybersecurity Infrastructure Security Agency (CISA) released an advisory warning that threat actors are exploiting a vulnerability in Langflow, a platform for building Artificial Intelligence (AI) applications. Identified as Common Vulnerabilities and Exposures (CVE)-2026-33017, the flaw, when successfully exploited, allows a threat actor remote code execution (RCE) access to a targeted system. …

(Member Content)


CyberSecurity.PH Reports


April 3, 2025

Read the full report here. Philippines and South East Asia Philippine Presidential Communications Office responding to fake news and misinformation Chinese threat actor hidden inside another Asian telecommunication network for four years Malaysia refuses to pay $10USD million ransom related to airport outages Cybersecurity Threat Landscape Oracle cloud compute data breach confirmed Threat actor claims …

(Member Content)
March 20, 2025

Read the full report here. Cybersecurity Threat Landscape Multiple APT groups using Windows shortcut exploit with no Microsoft fix available Compromised GitHub Action leads to further GitHub Action compromises Authentic looking Adobe OAuth and DocuSign OAuth targeting Microsoft 365 accounts Cybersecurity Vulnerabilities Apache Tomcat remote code execution (CVSS 9.8) PHP remote code execution vulnerability exploited …

(Member Content)
March 6, 2025

Read the full report here. Philippines and South East Asia Philippine Army confirms hack by threat-actor Exodus Security Chinese Lotus Panda threat-group targeting APAC organizations with Sagerunex variants Threat actors impersonating Taiwan Taxation authority to deploy malware Solo hacker responsible for 90x high-profile data leaks arrested in Thailand Cybersecurity Threat Landscape FBI confirms Lazarus threat-group …

(Member Content)
February 20, 2025

Read the full report here. Philippines and South East Asia 7,000 people rescued from Myanmar scam-centres Google stops malicious apps with ‘AI-Powered Threat Detection’ and continuous scanning Cybersecurity Threat Landscape Threat actors tricking users into linking devices to access Signal, WhatsApp and Telegram messages China sponsored Salt Typhoon threat actors continue to breach telecom organizations …

(Member Content)
February 6, 2025

Cybersecurity.PH recently published a report providing an in-depth analysis on the risks and vulnerabilities associated with AI technologies like DeepSeek. It explores various security concerns including browser-based tracking, user data collection, and the potential for AI model manipulation. While DeepSeek serves as the focal point, the report emphasizes that similar vulnerabilities exist across many AI …

(Member Content)
February 6, 2025

Read the full report here. Artificial Intelligence AI Technologies Philippines and South East Asia China-linked threat actor “PlushDaemon” targets victims in South East Asia with malicious VPN installers Fake wedding invites, parcel delivery notifications, and government job offers used to spread Android malware Thai police arrest woman linked to $182m romance scam Cybersecurity Threat Landscape …

(Member Content)

January 23, 2025

Cybersecurity.PH just released a new update! Check out the full report HERE. Philippines NBI clearance data claimed to be compromised Philippines arrests Chinese national for spying on critical infrastructure Cybersecurity Threat Landscape VPN credentials of 15,000 FortiGate appliances posted on dark-web forum Mustang Panda’s PlugX malware removed from 4,200 computers in the US Phishing-as-a-service “Sneaky …

(Member Content)

January 9, 2025

Read the full report HERE. Philippines Chinese cyber threat actors targeting Philippine Executive Branch, stealing military data Cybersecurity Threat Landscape United States Treasury OFAC breached by Chinese threat-actors via third-party vendor 30+ Chrome plugins hacked, exposing millions of users to credential theft Tools released to abuse Windows server LDAP bug causes crashes and reboots Cybersecurity …

(Member Content)
