ThaiCERT

130/68 Thursday, April 3, 2025 Microsoft’s MORSE (Microsoft Offensive Research and Security Engineering) team has discovered a critical vulnerability, tracked as CVE-2025-1268 (CVSS 9.4), affecting Canon printer drivers. The vulnerability is classified as an out-of-bounds issue that impacts various printer driver models, including those for production printers, office/small office multifunction printers, and laser printers—particularly during […]

129/68 Thursday, April 3, 2025 Cybersecurity researchers at Wiz have uncovered an ongoing campaign targeting externally accessible PostgreSQL servers, exploiting weak or easily guessable credentials to deploy fileless cryptocurrency mining malware. One of the key payloads used in this campaign is a malware strain called PG_MEM, which was first detected by Aqua Security in August […]

128/68 Wednesday, April 2, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity vulnerabilities in Cisco Smart Licensing Utility to its Known Exploited Vulnerabilities (KEV) Catalog: Although there was no evidence of active exploitation initially, once vulnerability details were published by researcher Nicholas Starke, associated attack activity began to surface. The […]

127/68 Wednesday, April 2, 2025 Researchers at Prodaft have uncovered that Lucid, a Phishing-as-a-Service (PhaaS) platform operated by the Chinese cybercriminal group XinXin, is behind a wave of targeted SMS phishing attacks affecting 169 victims across 88 countries. Lucid provides Telegram-registered members with access to automated phishing site generators, over 1,000 domains, and fake messaging […]

126/68 Tuesday, April 1, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a new malware strain named RESURGE, which is actively exploiting CVE-2025-0282, a vulnerability in Ivanti Connect Secure (ICS) appliances. In a recently published Malware Analysis Report (MAR), CISA highlights that RESURGE exhibits behaviors similar to SPAWNCHIMERA malware, but […]

125/68 Tuesday, April 1, 2025 Cybersecurity researchers at ThreatFabric have discovered a new Android banking trojan named Crocodilus, which is actively targeting users in Spain and Turkey. Designed to take full control of infected devices, the malware leverages advanced techniques such as remote access, screen recording, and overlay attacks to steal user credentials. Crocodilus disguises […]

124/68 Monday, March 31, 2025 The U.S. Department of Justice (DOJ) and the FBI have seized $8.2 million in USDT connected to a romance baiting scam, also known as a pig butchering scheme. This form of fraud involves building fake romantic relationships through dating apps or social media to trick victims into transferring funds into […]

123/68 Monday, March 31, 2025 Cybersecurity researchers have uncovered a new Phishing-as-a-Service (PhaaS) platform called Morphing Meerkat, capable of spoofing login pages for over 114 well-known brands. This tool dynamically generates fake login pages based on a target’s email provider, determined by querying DNS MX records—for example, Gmail, Outlook, or Yahoo—ensuring the phishing page matches […]

122/68 Friday, March 28, 2025 Google has addressed the first zero-day vulnerability of the year in Chrome for Windows, which was actively exploited in attacks targeting organizations in Russia. Tracked as CVE-2025-2783, the vulnerability stems from improper handle management in Mojo, the IPC (Inter-Process Communication) system used in Chromium-based browsers. The issue was discovered and […]

121/68 Friday, March 28, 2025 The UK Information Commissioner’s Office (ICO) has fined Advanced Computer Software Group Ltd £3.07 million (approximately 135 million baht) following a ransomware attack in 2022 that resulted in the personal data of 79,404 individuals, including NHS patients, being compromised. The breach severely impacted several healthcare services, including the NHS 111 […]