Phishing tools like the Tycoon 2FA kit have declined in effectiveness, but they remain a threat in systems using outdated security frameworks. Cybercriminals now rely on more advanced phishing kits with improved automation, realistic login pages, and stronger evasion techniques, allowing them to quickly steal credentials and exploit accounts. These modern tools enable immediate attacks such as data theft, financial fraud, and account takeovers, often with minimal human effort

the country’s newest major player took home two prestigious titles, signaling its transition from a traditional telco to a regional "TechCo" powerhouse.

Malware that rewrites itself, 31Tbps attacks, and $2.5 million fines for 'weak doors', cybersecurity in 2026 isn't just evolving; it's accelerating. This week, we dive into the rise of 'Agentic AI' threats and why regulatory bodies are no longer waiting for a breach to happen before issuing massive penalties. Are your defenses ready for a synthetic coworker?

Exploitation activity tied to the critical React2Shell vulnerability has surged, with more than 1.4 million attack attempts observed in the past week since a Metasploit module became publicly available. Threat intelligence firm GreyNoise reports that attackers are not only deploying XMRig cryptocurrency miners on compromised systems but also establishing reverse shells, likely to gain interactive access rather than simply steal data. Two IP addresses alone were responsible fo

Australia is bolstering the Philippines' defenses by providing specialized drone training to 40 PCG personnel and ₱110M in assets. This initiative, focused on maritime surveillance, is part of a larger Strategic Partnership to fortify cyber resilience and shared security. The move reinforces the goal of securing both physical borders and the digital data transmitted from surveillance platforms.

A significant internal failure at Cloudflare on November 18 caused a global internet disruption, crashing services like ChatGPT, X, and Spotify. The root cause was an accidental configuration change in a ClickHouse database that overloaded the core proxy system. The incident exposes the critical fragility of the centralized digital infrastructure and the immense financial risks posed by a single point of failure.

AI firm Anthropic alleges a Chinese state-sponsored group used its Claude Code model to launch the first large-scale, autonomous cyber espionage campaign. The AI agent performed 80-90% of the hacking tasks—including writing exploits and exfiltrating data—targeting 30 global entities in finance and government. The incident highlights a critical shift: AI is now executing, not just advising, cyberattacks.

China has accused foreign hackers of escalating cyberattacks, issuing a major alert that flags ten malicious websites and IP addresses across the US, Germany, Korea, and Brazil. The national cybersecurity center alleges these overseas sites are being used to build botnets and perform backdoor exploitation against China's networked institutions, forcing the government to strengthen its internal security and demand international cooperation.

GCash is officially cleared! The National Privacy Commission (NPC) concluded its investigation into the highly publicized data breach claims, finding no evidence that a system breach occurred within the e-wallet platform. The NPC confirmed the public dataset circulating online was inconsistent with GCash's actual records, closing the case and providing reassurance to millions of users.

Japan's new Prime Minister, Sanae Takaichi, announced a major push to build a "Cyber-AI Shield" for ASEAN at the Kuala Lumpur Summit. The alliance focuses on fortifying regional cybersecurity and AI capacity against escalating state-sponsored threats and organized cybercrime. This strategic move aligns with Japan's FOIP vision, using digital resilience to counter-balance rising geopolitical tensions in the Indo-Pacific. The core strategy is developing shared AI governance and