Microsoft Warns of Critical Vulnerability in Canon Printer Drivers Allowing Code Execution

130/68 Thursday, April 3, 2025 Microsoft’s MORSE (Microsoft Offensive Research and Security Engineering) team has discovered a critical vulnerability, tracked as CVE-2025-1268 (CVSS 9.4), affecting Canon printer drivers. The vulnerability is classified as an out-of-bounds issue that impacts various printer driver models, including those for production printers, office/small office multifunction printers, and laser printers—particularly during […]

ThaiCERT

April 3, 2025

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

129/68 Thursday, April 3, 2025 Cybersecurity researchers at Wiz have uncovered an ongoing campaign targeting externally accessible PostgreSQL servers, exploiting weak or easily guessable credentials to deploy fileless cryptocurrency mining malware. One of the key payloads used in this campaign is a malware strain called PG_MEM, which was first detected by Aqua Security in August […]

ThaiCERT

April 3, 2025

CISA Adds Cisco Smart Licensing Utility Flaws to Known Exploited Vulnerabilities Catalog

128/68 Wednesday, April 2, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity vulnerabilities in Cisco Smart Licensing Utility to its Known Exploited Vulnerabilities (KEV) Catalog: Although there was no evidence of active exploitation initially, once vulnerability details were published by researcher Nicholas Starke, associated attack activity began to surface. The […]

ThaiCERT

April 2, 2025

‘Lucid’ Phishing Platform Behind Global SMS Attacks on iOS and Android

127/68 Wednesday, April 2, 2025 Researchers at Prodaft have uncovered that Lucid, a Phishing-as-a-Service (PhaaS) platform operated by the Chinese cybercriminal group XinXin, is behind a wave of targeted SMS phishing attacks affecting 169 victims across 88 countries. Lucid provides Telegram-registered members with access to automated phishing site generators, over 1,000 domains, and fake messaging […]

ThaiCERT

April 2, 2025

CISA Warns of RESURGE Malware Exploiting Ivanti Connect Secure Vulnerability

126/68 Tuesday, April 1, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a new malware strain named RESURGE, which is actively exploiting CVE-2025-0282, a vulnerability in Ivanti Connect Secure (ICS) appliances. In a recently published Malware Analysis Report (MAR), CISA highlights that RESURGE exhibits behaviors similar to SPAWNCHIMERA malware, but […]

ThaiCERT

April 1, 2025

Crocodilus Banking Trojan Targets Android Users to Steal Financial and Crypto Wallet Data

125/68 Tuesday, April 1, 2025 Cybersecurity researchers at ThreatFabric have discovered a new Android banking trojan named Crocodilus, which is actively targeting users in Spain and Turkey. Designed to take full control of infected devices, the malware leverages advanced techniques such as remote access, screen recording, and overlay attacks to steal user credentials. Crocodilus disguises […]

ThaiCERT

April 1, 2025

New Phishing-as-a-Service Platform ‘Morphing Meerkat’ Mimics Login Pages for Over 114 Brands

123/68 Monday, March 31, 2025 Cybersecurity researchers have uncovered a new Phishing-as-a-Service (PhaaS) platform called Morphing Meerkat, capable of spoofing login pages for over 114 well-known brands. This tool dynamically generates fake login pages based on a target’s email provider, determined by querying DNS MX records—for example, Gmail, Outlook, or Yahoo—ensuring the phishing page matches […]

ThaiCERT

March 31, 2025

Google Patches First Chrome Zero-Day Vulnerability of the Year

122/68 Friday, March 28, 2025 Google has addressed the first zero-day vulnerability of the year in Chrome for Windows, which was actively exploited in attacks targeting organizations in Russia. Tracked as CVE-2025-2783, the vulnerability stems from improper handle management in Mojo, the IPC (Inter-Process Communication) system used in Chromium-based browsers. The issue was discovered and […]

ThaiCERT

March 28, 2025

UK Fines Software Provider £3.07 Million Over Ransomware Data Breach Impacting NHS Patients

121/68 Friday, March 28, 2025 The UK Information Commissioner’s Office (ICO) has fined Advanced Computer Software Group Ltd £3.07 million (approximately 135 million baht) following a ransomware attack in 2022 that resulted in the personal data of 79,404 individuals, including NHS patients, being compromised. The breach severely impacted several healthcare services, including the NHS 111 […]

ThaiCERT

March 28, 2025
1 2 23