PSA Cyber Risk Reports
The Cyber Security Agency of Singapore (CSA) reports that a China-linked threat actor group tracked as UNC3886 has targeted Singapore’s four major telecommunications providers—Singtel, StarHub, M1, and SIMBA Telecom— in a months-long cyber espionage campaign. These intrusions exploited zero-day vulnerabilities in edge devices to bypass perimeter defenses, allowing threat actors to remain undetected while harvesting …
The Securities and Exchange Commission (SEC) has released an advisory flagging unregistered online lending platforms operating in the Philippines. Authorities noted that such platforms may expose users to abusive practices, data misuse, and financial harm. The advisory is part of an ongoing regulatory crackdown on illegal digital lenders, which continue to operate through mobile applications …
Check Point Software Technologies Ltd., an Israeli cybersecurity company, has reported a 423 percent increase in phishing sites in the Philippines year-on-year. The spike was attributed to cybercriminals scaling up industrialized fraud operations and identity-based deception rather than highly technical attacks. Rising Exposure to Cyber Threats According to the Philippine Threat Landscape Report 2025, phishing …
The Philippine National Police Anti-Cybercrime Group (PNP-ACG) and Bank of the Philippine Islands (BPI) have formalized a partnership to combat the rise of sophisticated financial crimes. Meanwhile, the Cybercrime Investigation and Coordination Center (CICC) has issued warnings about deepfakes used in romance scams. The move comes as authorities warn that traditional scams are rapidly evolving, …
A new Google Threat Intelligence Group (GTIG) report reveals that state-sponsored hackers from Russia, China, Iran, and North Korea are actively abusing Google’s Gemini AI model in their cyber operations. Rather than using novel tactics, threat actors use AI tools to accelerate digital reconnaissance, draft convincing phishing campaigns, generate and refine malware codes, and support …
Researchers from GuidePoint’s Research and Intelligence Team (GRIT) exposed a cybercrime group falsely claiming to have breached hundreds of organizations to extort payments. Identified as “0APT,” the group lists high-profile targets and uses recycled data and junk files to simulate theft. This tactic aims to convince companies to pay ransom while simultaneously scamming other cybercriminals …
February 19, 2026
A malicious campaign dubbed as the Phorpiex campaign is reportedly distributing the “Global Group” ransomware through a high volume phishing campaign. This attack vector leverages deceptive file naming and a unique ‘offline encryption mode’ to bypass traditional security filters which allows it to encrypt files without needing an internet connection. This campaign is particularly dangerous …
February 19, 2026
North Korean state-sponsored threat actors are targeting cryptocurrency and fintech industries using Windows and macOs devices. Threat actors are heavily leveraging social engineering, utilizing Artificial Intelligence (AI) generated ‘deepfake’ video calls and ‘ClickFix’ tactics to deploy malicious software. Google’s Mandiant reports that the primary objectives include “cryptocurrency theft” and the exfiltration of victim data to …
The Cyber Security Agency of Singapore (CSA) reports that a China-linked threat actor group tracked as UNC3886 has targeted Singapore’s four major telecommunications providers—Singtel, StarHub, M1, and SIMBA Telecom— in a months-long cyber espionage campaign. These intrusions exploited zero-day vulnerabilities in edge devices to bypass perimeter defenses, allowing threat actors to remain undetected while harvesting …
The Securities and Exchange Commission (SEC) has released an advisory flagging unregistered online lending platforms operating in the Philippines. Authorities noted that such platforms may expose users to abusive practices, data misuse, and financial harm. The advisory is part of an ongoing regulatory crackdown on illegal digital lenders, which continue to operate through mobile applications …
Check Point Software Technologies Ltd., an Israeli cybersecurity company, has reported a 423 percent increase in phishing sites in the Philippines year-on-year. The spike was attributed to cybercriminals scaling up industrialized fraud operations and identity-based deception rather than highly technical attacks. Rising Exposure to Cyber Threats According to the Philippine Threat Landscape Report 2025, phishing …
The Philippine National Police Anti-Cybercrime Group (PNP-ACG) and Bank of the Philippine Islands (BPI) have formalized a partnership to combat the rise of sophisticated financial crimes. Meanwhile, the Cybercrime Investigation and Coordination Center (CICC) has issued warnings about deepfakes used in romance scams. The move comes as authorities warn that traditional scams are rapidly evolving, …
A new Google Threat Intelligence Group (GTIG) report reveals that state-sponsored hackers from Russia, China, Iran, and North Korea are actively abusing Google’s Gemini AI model in their cyber operations. Rather than using novel tactics, threat actors use AI tools to accelerate digital reconnaissance, draft convincing phishing campaigns, generate and refine malware codes, and support …
Researchers from GuidePoint’s Research and Intelligence Team (GRIT) exposed a cybercrime group falsely claiming to have breached hundreds of organizations to extort payments. Identified as “0APT,” the group lists high-profile targets and uses recycled data and junk files to simulate theft. This tactic aims to convince companies to pay ransom while simultaneously scamming other cybercriminals …
February 19, 2026
A malicious campaign dubbed as the Phorpiex campaign is reportedly distributing the “Global Group” ransomware through a high volume phishing campaign. This attack vector leverages deceptive file naming and a unique ‘offline encryption mode’ to bypass traditional security filters which allows it to encrypt files without needing an internet connection. This campaign is particularly dangerous …
February 19, 2026
North Korean state-sponsored threat actors are targeting cryptocurrency and fintech industries using Windows and macOs devices. Threat actors are heavily leveraging social engineering, utilizing Artificial Intelligence (AI) generated ‘deepfake’ video calls and ‘ClickFix’ tactics to deploy malicious software. Google’s Mandiant reports that the primary objectives include “cryptocurrency theft” and the exfiltration of victim data to …
CyberSecurity.PH Reports
Read the full report here. Philippines and South East Asia Philippine Presidential Communications Office responding to fake news and misinformation Chinese threat actor hidden inside another Asian telecommunication network for four years Malaysia refuses to pay $10USD million ransom related to airport outages Cybersecurity Threat Landscape Oracle cloud compute data breach confirmed Threat actor claims …
Read the full report here. Cybersecurity Threat Landscape Multiple APT groups using Windows shortcut exploit with no Microsoft fix available Compromised GitHub Action leads to further GitHub Action compromises Authentic looking Adobe OAuth and DocuSign OAuth targeting Microsoft 365 accounts Cybersecurity Vulnerabilities Apache Tomcat remote code execution (CVSS 9.8) PHP remote code execution vulnerability exploited …
Read the full report here. Philippines and South East Asia Philippine Army confirms hack by threat-actor Exodus Security Chinese Lotus Panda threat-group targeting APAC organizations with Sagerunex variants Threat actors impersonating Taiwan Taxation authority to deploy malware Solo hacker responsible for 90x high-profile data leaks arrested in Thailand Cybersecurity Threat Landscape FBI confirms Lazarus threat-group …
Read the full report here. Philippines and South East Asia 7,000 people rescued from Myanmar scam-centres Google stops malicious apps with ‘AI-Powered Threat Detection’ and continuous scanning Cybersecurity Threat Landscape Threat actors tricking users into linking devices to access Signal, WhatsApp and Telegram messages China sponsored Salt Typhoon threat actors continue to breach telecom organizations …
Cybersecurity.PH recently published a report providing an in-depth analysis on the risks and vulnerabilities associated with AI technologies like DeepSeek. It explores various security concerns including browser-based tracking, user data collection, and the potential for AI model manipulation. While DeepSeek serves as the focal point, the report emphasizes that similar vulnerabilities exist across many AI …
Read the full report here. Artificial Intelligence AI Technologies Philippines and South East Asia China-linked threat actor “PlushDaemon” targets victims in South East Asia with malicious VPN installers Fake wedding invites, parcel delivery notifications, and government job offers used to spread Android malware Thai police arrest woman linked to $182m romance scam Cybersecurity Threat Landscape …
January 23, 2025
Cybersecurity.PH just released a new update! Check out the full report HERE. Philippines NBI clearance data claimed to be compromised Philippines arrests Chinese national for spying on critical infrastructure Cybersecurity Threat Landscape VPN credentials of 15,000 FortiGate appliances posted on dark-web forum Mustang Panda’s PlugX malware removed from 4,200 computers in the US Phishing-as-a-service “Sneaky …
January 9, 2025
Read the full report HERE. Philippines Chinese cyber threat actors targeting Philippine Executive Branch, stealing military data Cybersecurity Threat Landscape United States Treasury OFAC breached by Chinese threat-actors via third-party vendor 30+ Chrome plugins hacked, exposing millions of users to credential theft Tools released to abuse Windows server LDAP bug causes crashes and reboots Cybersecurity …
Read the full report here. Philippines and South East Asia Philippine Presidential Communications Office responding to fake news and misinformation Chinese threat actor hidden inside another Asian telecommunication network for four years Malaysia refuses to pay $10USD million ransom related to airport outages Cybersecurity Threat Landscape Oracle cloud compute data breach confirmed Threat actor claims …
Read the full report here. Cybersecurity Threat Landscape Multiple APT groups using Windows shortcut exploit with no Microsoft fix available Compromised GitHub Action leads to further GitHub Action compromises Authentic looking Adobe OAuth and DocuSign OAuth targeting Microsoft 365 accounts Cybersecurity Vulnerabilities Apache Tomcat remote code execution (CVSS 9.8) PHP remote code execution vulnerability exploited …
Read the full report here. Philippines and South East Asia Philippine Army confirms hack by threat-actor Exodus Security Chinese Lotus Panda threat-group targeting APAC organizations with Sagerunex variants Threat actors impersonating Taiwan Taxation authority to deploy malware Solo hacker responsible for 90x high-profile data leaks arrested in Thailand Cybersecurity Threat Landscape FBI confirms Lazarus threat-group …
Read the full report here. Philippines and South East Asia 7,000 people rescued from Myanmar scam-centres Google stops malicious apps with ‘AI-Powered Threat Detection’ and continuous scanning Cybersecurity Threat Landscape Threat actors tricking users into linking devices to access Signal, WhatsApp and Telegram messages China sponsored Salt Typhoon threat actors continue to breach telecom organizations …
Cybersecurity.PH recently published a report providing an in-depth analysis on the risks and vulnerabilities associated with AI technologies like DeepSeek. It explores various security concerns including browser-based tracking, user data collection, and the potential for AI model manipulation. While DeepSeek serves as the focal point, the report emphasizes that similar vulnerabilities exist across many AI …
Read the full report here. Artificial Intelligence AI Technologies Philippines and South East Asia China-linked threat actor “PlushDaemon” targets victims in South East Asia with malicious VPN installers Fake wedding invites, parcel delivery notifications, and government job offers used to spread Android malware Thai police arrest woman linked to $182m romance scam Cybersecurity Threat Landscape …
January 23, 2025
Cybersecurity.PH just released a new update! Check out the full report HERE. Philippines NBI clearance data claimed to be compromised Philippines arrests Chinese national for spying on critical infrastructure Cybersecurity Threat Landscape VPN credentials of 15,000 FortiGate appliances posted on dark-web forum Mustang Panda’s PlugX malware removed from 4,200 computers in the US Phishing-as-a-service “Sneaky …
January 9, 2025
Read the full report HERE. Philippines Chinese cyber threat actors targeting Philippine Executive Branch, stealing military data Cybersecurity Threat Landscape United States Treasury OFAC breached by Chinese threat-actors via third-party vendor 30+ Chrome plugins hacked, exposing millions of users to credential theft Tools released to abuse Windows server LDAP bug causes crashes and reboots Cybersecurity …
