ThaiCERT

451/68 Friday, November 7, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities affecting Gladinet CentreStack / Triofox and CWP Control Web Panel to its Known Exploited Vulnerabilities (KEV) catalog. CentreStack and Triofox are enterprise solutions for Enterprise File Sharing and hybrid cloud storage, enabling secure access to file servers and SMB/NFS […]

450/68 Friday, November 7, 2025 After seven months of inactivity, the Gootloader malware operation has returned, continuing to use SEO poisoning to manipulate search engine results and promote fake websites that lure users into downloading documents. These sites typically impersonate platforms offering free legal templates or contract forms. When victims search for such documents and […]

449/68 Thursday, November 6, 2025 Cybersecurity researchers have disclosed four vulnerabilities in Microsoft Teams that could allow attackers to impersonate coworkers, edit messages without being detected, and trick victims into believing that messages come from executives or trusted individuals. The issues were reported to Microsoft in March 2024, with partial fixes released in August 2024 […]

448/68 Thursday, November 6, 2025 Google has released the November 2025 Android security update, addressing two significant vulnerabilities in the System component. One of the flaws is classified as critical, as it could enable Remote Code Execution (RCE) without requiring additional privileges or user interaction. These fixes are included in the Android security patch level […]

447/68 Thursday, November 6, 2025 Google has expanded the capabilities of Chrome’s Autofill feature to store and automatically enter more sensitive personal information, including driver’s license details, passport information, and even vehicle identification numbers (VINs). The goal is to make online form-filling faster and more convenient. Google states that the upgrade includes stronger privacy protections […]

446/68 Wednesday, November 5, 2025 Cybersecurity researchers are warning that cybercriminals are abusing Remote Monitoring and Management (RMM) tools such as ScreenConnect, SimpleHelp, PDQ Connect, and LogMeIn Resolve to infiltrate transportation carriers and freight brokerage companies. Attackers install remote-control software through malicious links or phishing emails, take over employee accounts, and gain access to shipment […]

445/68 Wednesday, November 5, 2025 Balancer Protocol, a decentralized finance (DeFi) platform built on the Ethereum blockchain, disclosed that it was exploited through a vulnerability in its Balancer v2 Pools, resulting in losses exceeding $128 million USD (approximately 4.7 billion THB). Balancer operates as an Automated Market Maker (AMM) and liquidity infrastructure platform, allowing users […]

444/68 Wednesday, November 5, 2025 Cybersecurity researchers have issued a warning about a new malicious extension on the Open VSX registry called “SleepyDuck.” The extension, published under the name juan-bianco.solidity-vlang (version 0.0.8), contains a hidden Remote Access Trojan (RAT). According to Secure Annex, the extension first appeared in version 0.0.7 on October 31, 2025, as […]

443/68 Tuesday, November 4, 2025 A cybersecurity student researcher has revealed that the University of Pennsylvania (Penn) was the target of a cyberattack, with the hacker group claiming to have stolen data on more than 1.2 million donors, along with internal university documents. The incident surfaced after numerous alumni and students received emails from the […]

442/68 Tuesday, November 4, 2025 The Australian Signals Directorate (ASD) has issued a warning about ongoing cyberattacks exploiting the vulnerability CVE-2023-20198 in Cisco IOS XE devices. Attackers are using the flaw to implant a malicious webshell known as BadCandy, which gives them administrator-level control over the device. The vulnerability carries the highest severity rating, CVSS […]