Google Introduces Digital Signatures to Defend Against Quantum Computer Attacks in Cloud KMS

75/68 Tuesday, February 25, 2025 Google Cloud has announced the launch of digital signatures designed to protect against quantum computer attacks within its Cloud Key Management Service (Cloud KMS), now available for trial. This initiative is part of Google’s effort to prepare for future threats, as quantum computers may potentially break traditional encryption methods. The […]

ThaiCERT

February 25, 2025

Lazarus APT Hacker Group Steals $1.5 Billion from Bybit, Becoming the Largest Crypto Heist in History

74/68 Monday, February 24, 2025 The crypto exchange platform Bybit experienced the largest hack in history, with hackers stealing over $1.5 billion worth of cryptocurrency from the company’s cold wallets. The hackers used a technique to spoof the signing interface, redirecting transactions to untraceable addresses. This incident surpasses previous major hacks such as Ronin Network […]

ThaiCERT

February 24, 2025

Ghost Ransomware Attacks Victims in 70 Countries, Urging Organizations Worldwide to Update Their Systems

73/68 Monday, February 24, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about Ghost Ransomware, a ransomware group linked to China that is rapidly spreading across more than 70 countries worldwide. This group is notable for its ability to escalate from initial network access to a full-scale attack within just […]

ThaiCERT

February 24, 2025

OpenSSH Vulnerabilities Expose Systems to Man-in-the-Middle and DoS Attacks

72/68 Friday, February 21, 2025 Researchers from the Qualys Threat Research Unit (TRU) have discovered two vulnerabilities in OpenSSH that could allow attackers to exploit systems through Man-in-the-Middle (MitM) and Denial-of-Service (DoS) attacks. The first vulnerability, CVE-2025-26465 (CVSS 6.8), affects the OpenSSH Client, enabling attackers to intercept SSH connections, leading to MitM attacks, which pose […]

ThaiCERT

February 21, 2025

Critical Vulnerability in Jupiter X Core Plugin on WordPress Poses Remote Attack Risk

71/68 Friday, February 21, 2025 Security researchers from Wordfence have disclosed a critical vulnerability (CVE-2025-0366) in the Jupiter X Core plugin, which is used on over 90,000 websites. The vulnerability was discovered on January 6, 2025, and has been assigned a severity score of 8.8 out of 10 based on the CVSS standard. This flaw […]

ThaiCERT

February 21, 2025

Juniper Networks Releases Patch for Session Smart Router Vulnerability

70/68 Thursday, February 20, 2025 Juniper Networks has released a patch to address a critical vulnerability, CVE-2025-21589, which has been assigned a CVSS severity score of 9.8. This vulnerability allows attackers to bypass authentication processes and gain control over affected devices. It impacts Session Smart Router, Session Smart Conductor, and WAN Assurance Managed Routers across […]

ThaiCERT

February 20, 2025

Alert! New Variant of Snake Keylogger Malware Spreading Across Asia and Europe

69/68 Thursday, February 20, 2025 Security researchers from Fortinet have issued a warning about the spread of a new variant of the Snake Keylogger malware, which is actively targeting Windows users in Asia and Europe. The latest version of this malware leverages AutoIt scripting language to install itself while enhancing its ability to evade antivirus […]

ThaiCERT

February 20, 2025

Vulnerability in Xerox VersaLink Printers Could Enable Lateral Movement Attacks

68/68 Wednesday, February 19, 2025 Security researchers at Rapid7 have discovered vulnerabilities in Xerox VersaLink multifunction printers, identified as CVE-2024-12510 and CVE-2024-12511. These flaws affect VersaLink C7020, C7025, and C7030 models and allow attackers to exploit a pass-back attack to steal authentication credentials used in LDAP and SMB/FTP protocols. The issue arises from the ability […]

ThaiCERT

February 19, 2025

South Korea Temporarily Suspends DeepSeek App Downloads Over Data Protection Concerns

67/68 Wednesday, February 19, 2025 South Korea’s Personal Information Protection Commission (PIPC) has announced a temporary suspension of downloads for the Chinese AI chatbot app DeepSeek starting February 15, 2025. The suspension will remain in place until the app provider ensures compliance with the country’s data protection regulations. However, the DeepSeek website remains accessible and […]

ThaiCERT

February 19, 2025

New Backdoor Malware Uses Telegram Bot API for Remote Control

66/68 Tuesday, February 18, 2025 Security researchers from Netskope Threat Labs have discovered a new backdoor malware written in Golang, which uses the Telegram Bot API as a communication channel between attackers and the malware. This allows attackers to easily send commands and receive data directly through Telegram chats. Researchers believe the malware may have […]

ThaiCERT

February 18, 2025
1 2 3 19