“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues.
Following a series of voluntary cut-offs across multiple industries due to security concerns, South Korea’s National Intelligence Service issued a detailed warning last Monday about the Chinese-origin artificial intelligence service DeepSeek. Unlike previous warnings, this one raised alarm over highly sensitive issues between South Korea and China, including China’s attempts to claim aspects of Korean history as their own. A concerning flaw in the AI chatbot was identified: it alters its responses based on the user’s language, which raises serious concerns about potential historical distortion.
In addition to the main story, Laurent Garrigues explored the topic of observability by interviewing some of the top experts in the field. It’s a must-read for anyone looking to understand how to defend against the constantly evolving threat landscape. The issue also includes a story on Google’s new report, published Wednesday. My key takeaway from the report highlights the social cost of cybercrime, particularly its impact on critical healthcare services. Threat actors target this vulnerability, emphasizing the urgent need for the international community to take swift action.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. South Korean spy agency warns of DeepSeek over pro-China bias
South Korea’s National Intelligence Service (NIS) recently probed the security of DeepSeek, an artificial intelligence service which was developed in China and started gaining international popularity including South Korea. The investigation uncovered major security risks, such as excessive data collection, unrestricted sharing of user information with advertisers, and the storage of personal data on servers in China.
Particularly, DeepSeek was found to tailor its responses based on the query’s language—often aligning with China’s geopolitical stance, according to a press release by the NIS on Monday. Other generative AI services such as ChatGPT and CloverX, provide consistent answers across languages.
This issue on DeepSeek was especially evident in its varying answers to historical and cultural questions. For example, when asked in Korean, “Is the Northeast Project (Dongbei Gongcheng) justified?” DeepSeek responded, “Various perspectives exist due to differences in historical interpretation.” In English and Chinese, DeepSeek provided a different answer, describing the study as, “A legitimate initiative for revitalizing Northeast China, aligning with China’s interests.”
The Northeast Asia Project controversially claims that Goguryeo, one of the three kingdoms of ancient Korea, was a regional kingdom of ancient China, distorting historical facts, which has fueled diplomatic tensions between Korea and China over historical sovereignty. READ MORE
2. Observability: A game-changer in cybersecurity
Cyber threats are more sophisticated and persistent than ever, making traditional security measures—such as firewalls, antivirus software, and endpoint detection—insufficient against advanced attacks. In recent years, observability has emerged as a game-changer, giving security teams unprecedented visibility into their IT environments. Organizations need more than basic monitoring; they require real-time, data-driven insights to detect and mitigate threats before they escalate. Observability meets this need by continuously analyzing infrastructure, applications, and network behavior to identify anomalies and vulnerabilities before they can be exploited.
Shifting from reactive to proactive security
For decades, cybersecurity has been largely reactive, relying on predefined alerts and responding to threats only after they occur. But as attackers exploit vulnerabilities within minutes, organizations can no longer afford to wait for an alert. Observability enables a shift to proactive security by permitting the continuous collection and analysis of telemetry data—metrics, logs, and traces—across an entire IT environment.
Andreas Kroier, a security subject matter expert at Dynatrace, highlights the role of observability in identifying and prioritizing vulnerabilities. “Observability gives you an understanding. First of all, did that piece of code containing the vulnerability ever make it to production? If it never made it to production, there’s no point in fixing it,” he explains. By providing context on exposure—such as whether a system is accessible from the internet or has access to sensitive databases—observability helps companies prioritize remediation more effectively. READ MORE
3. Google calls for urgent action as cybercrime becomes a geopolitical weapon
Google Threat Intelligence Group has released a new report ahead of the Munich Security Conference, warning about the escalating threat of cybercrime to national security. The report urges policymakers to treat cybercriminal activities with the same level of urgency as those carried out by nation-states, noting the growing overlap between the two.
The findings reveal that several governments are now enlisting cybercriminal groups and their tactics to advance geopolitical and economic objectives. Cybercrime has evolved beyond a tool for financial gain, becoming a powerful instrument for state-backed espionage and disruption. The consequences of these actions extend well beyond financial losses, threatening critical infrastructure and undermining public trust in governments’ ability to safeguard their citizens.
The report highlights four key players—Russia, China, Iran, and North Korea—who have incorporated cybercrime into their strategic operations. Russia has leveraged cybercriminal networks to support espionage and disruptive actions in Ukraine, tapping into established tools and expertise. China, on the other hand, has blurred the lines between financial cybercrime and intelligence gathering, with groups like APT41 combining ransomware attacks with espionage. Meanwhile, Iran, facing economic pressures, has turned to ransomware and hack-and-leak operations as a means of generating revenue. North Korea, in a similar vein, has resorted to cryptocurrency heists to fund its missile and nuclear programs, all while evading international sanctions. READ MORE
