Full View

Recent issues surrounding OpenClaw can be summarized in one sentence: locally running executable agents are becoming a new attack surface.  According to OpenClaw’s official security documentation, this agent can perform arbitrary shell command execution, file read and write operations, network service access, and message sending  depending on configuration. In other words, it goes far beyond a typical chatbot and is closer to an executable tool that actually connects and oper

"Developer tools interact directly with sensitive resources and operational systems, which means weaknesses within those tools can become meaningful entry points for attackers". Several widely used Visual Studio Code extensions have recently been associated with security vulnerabilities that may impact developer workstations. Unlike typical security issues that affect production servers or exposed infrastructure, these vulnerabilities highlight a different risk: the developme

PAGO Networks was recognized at the Great Place to Work Korea Awards, joining leading companies acknowledged for building strong organizational cultures grounded in trust. The Great Place to Work Institute evaluates companies across more than 150 countries using a consistent framework. The assessment focuses on trust in leadership, pride in work, fairness, camaraderie, and credibility. It goes beyond surface level programs and looks at how culture functions in practice. This

PAGO Networks CEO Paul Kwon’s New Year interview has been published in ZDNet Korea , where he discusses major shifts in the MDR market and outlines the company’s operational priorities and strategic direction for the year ahead. Key points from the interview include: 2026 will distinguish real MDR from fake MDR : Services limited to monitoring and alert forwarding will no longer meet market expectations. Organizations increasingly require execution centered MDR models that pr

Phishing has long been treated as a communication problem. Attackers send deceptive messages, employees make mistakes, and organizations respond with filtering controls and awareness programs. Despite sustained investment in both technical defenses and user training, phishing remains one of the most consistent initial access vectors in reported cyber incidents. The FBI Internet Crime Complaint Center continues to rank phishing and business email compromise among the highest c

A critical Remote Code Execution vulnerability has been discovered in the Metro Development Server used in React Native development environments, and recent attack activity has been observed exploiting this flaw to distribute malicious payloads. The vulnerability, tracked as CVE-2025-11953 and referred to as Metro4Shell, originates from an OS Command Injection issue in the /open-url endpoint, which is provided for development convenience. This issue is particularly noteworthy

The average cost of a data breach in 2025 is about $4.44 million. Forrester projects that global cybersecurity investment will grow at double digit rates through the coming years, rising from roughly $155 billion in 2024 to nearly $175 billion in 2025 and continuing upward toward $300 billion by the end of the decade.  At the same time, the latest data from IBM and other industry trackers shows that the average cost of a data breach in 2025 is about $4.44 million. That figure

Every year the same question shows up in cybersecurity discussions. What attacks should we expect next year? Which threats are growing? What the data is telling us? But it is worth asking whether this is even the right question. For years, cybersecurity conversations have focused on how advanced attacks are becoming. New techniques, new tools, more automation on the attacker side. That story is familiar and partly true. But recent incident data points to something more uncomf

PAGO Networks has been recognized in the 2025 MSSP Alert Top 250 , earning a place among the world’s most trusted managed security service providers. The list, released by MSSP Alert on December 15th, highlights organizations that demonstrate sustained growth, operational maturity, and the ability to deliver real security outcomes at scale. This recognition is meaningful not because of the number itself, but because of what it validates. It reflects global acknowledgment of

Recent security incidents in Korea reveal a repeating pattern that shows attackers understand the operational realities of Korean enterprises better than many organizations anticipate. Recognizing this pattern is the 1st step toward strengthening defense and reducing the time between initial compromise and effective response. 1. Identity is the new entry point Attackers rarely begin with brute force when more effective options exist. They start by acquiring valid credentials

By Reporter Jaehak Cho 2jh@etnews.com PAGO Networks, a leading provider of 24/7 Managed Detection and Response services , announced new plans to expand its next generation SOC model while strengthening its people-first operational philosophy. The company shared that its employee engagement programs and work environment improvements are directly connected to stronger customer protection and higher quality threat detection. CEO Paul Kwon highlighted that clients often comment o

Modern organizations rely on web applications for everything from customer portals to internal operations. This dependence also makes them one of the main targets for cyberattacks. Regular penetration testing is now the foundation for maintaining trust, protecting data, and ensuring the resilience of digital services. Nowadays, developers work under pressure to release features fast, and even with security reviews, small oversights can slip through. Penetration testing expose