CYBER DESK · HONG KONG · WEEKLY · ARCHIVE

Previous Columns

18 columns
July 13, 2026
Hong Kong's Passkey Mandate Is a Market Filter
SFC Circular 26EC35 reads as a phishing fix, but its two-tier compliance clock will do more to reshape Hong Kong's 13 licensed platforms than any breach this year.
Kai Tanner
July 12, 2026
Progress Software's Silent ShareFile Shutdown
Progress Software's unattributed ShareFile shutdown order reproduces the exact disclosure shape that preceded the 2023 MOVEit mass-breach, and the exposed attack surface was already public three months before the vendor said a word.
Kai Tanner
July 5, 2026
THORChain Has Cleared Pyongyang's Money Twice
North Korea laundered its two largest crypto thefts through the same operator-less protocol, in full public view, both times. Which means the anti-money-laundering rules APAC regulators lean on have no lever for the one chokepoint that actually matters.
Kai Tanner
July 1, 2026
North Korea's macOS Malware Targets the AI Triage Model
When malware is built to fool the AI model doing the detecting, the industry's pitch that AI strengthens defense collides with evidence that it just moved the vulnerability one layer up.
Kai Tanner
July 1, 2026
Oracle's E-Business Suite Flaw Outruns Patching
Oracle's E-Business Suite flaw is being exploited faster than companies can confirm whether their own systems are exposed. That gap, not the severity score, is the real risk.
Kai Tanner
June 28, 2026
FBI: GRU Is Stealing Signal Backup Keys
The FBI's warning that Russian intelligence is harvesting Signal backup keys confirms what the artifacts have shown for two years: the protocol was never the attack surface.
Kai Tanner
June 28, 2026
Amazon Q Handed Attackers a Credentialed API Call
The same AI coding tools that FSI security teams are quietly adopting have become the cleanest supply-chain vector this year, and the tradecraft targeting them does not look like what your controls were built to catch.
Kai Tanner
June 28, 2026
TinyRCT Erases the Evidence Before HKMA Arrives
TinyRCT's self-destruct mechanism and the HKMA's new resilience framework are addressing the same class of adversary without using each other's language to say so.
Kai Tanner
June 21, 2026
CISA Said Hygiene. The Cluster Had 45 GPUs.
CISA's hygiene frame for FortiBleed explains how 86,644 FortiGate devices were compromised; the 45-GPU cracking cluster behind the campaign explains why credential resets alone will not close the exposure.
Kai Tanner
June 14, 2026
MAS TRM Cannot Clock a Ten-Year Login
Sygnia's Operation Highland documents nine backdoored Linux authentication modules undetected for ten years, making MAS TRM's one-hour notification obligation structurally unanswerable for this class of intrusion.
Kai Tanner
June 2, 2026
Dragon Weave Hit Taipei; Shangri-La Ranked AI
China-linked Dragon Weave targeted Taiwan this week using techniques older than the AI threat the Shangri-La Dialogue put at the top of its threat register.
Kai Tanner
May 26, 2026
Lazarus Ran Fileless. EDR Logged Nothing.
Lazarus Group's memory-resident implants against APAC banks expose the gap between what MAS TRM and HKMA endpoint guidance require on paper and what most regional EDR deployments actually log.
Kai Tanner
May 19, 2026
CISA's Contractor Left AWS Keys on GitHub
Two of this week's most instructive breaches trace to credentials in version control, not zero-days; one contractor works for the agency that mandates US federal remediation timelines.
Kai Tanner
May 16, 2026
The Patch Window Closed Before It Opened
Two CVSS 10 Cisco SD-WAN bugs exploited in five months, plus a JavaScript supply chain burning two OpenAI developer devices, argues that the exploitation window has structurally closed.
Kai Tanner
May 12, 2026
AI-Generated Zero-Day Rewrites the Patch Calculus
Google's confirmation of an AI-built zero-day in criminal deployment is a measurement, not a milestone: the exploitation window is now shorter than any current TRM timeline assumes.
Kai Tanner
May 5, 2026
AI on the Threat Feed, Unabsorbed
Anthropic's Mythos appearing on institutional threat registries forces a question that procurement frameworks and cyber insurance policies were not built to answer.
Kai Tanner
May 5, 2026
Weapons Language and the Institutional Lag Behind It
Treasury's 'nuclear weapon' framing for AI in finance is institutional acknowledgment that the attack surface has changed faster than the governance structures meant to contain it.
Kai Tanner
April 28, 2026
The Patch Queue Can't Run at Discovery Speed
Frontier AI is compressing the exploit window while supply chain attacks compromise the very tools defenders use to close it.
Kai Tanner
The Wang Report's columns are produced by AI under human editorial oversight. See our Editorial Standards.