ThaiCERT

02/69 Monday, January 5, 2026 Covenant Health, a U.S.-based healthcare organization, disclosed that it suffered a ransomware cyberattack in May 2025, resulting in the unauthorized access to personal and health information of more than 478,000 individuals. Covenant Health provides medical services through hospitals and healthcare facilities across several states, including Massachusetts, Maine, New Hampshire, Pennsylvania, […]

01/69 Monday, January 5, 2026 Recent data from Shadowserver reveals that more than 10,000 Fortinet firewall devices remain exposed to the internet without having applied critical security patches and are actively at risk of exploitation via CVE-2020-12812, a severe vulnerability first disclosed in 2020. Statistics indicate that Asia is the most affected region, with over […]

557/68 Tuesday, December 30, 2025 Emurasoft, the developer of the text and code editor EmEditor, has issued a security warning after discovering a supply chain attack in which attackers modified the “Download Now” button link on the official website. As a result, users who downloaded the software between December 19 at 09:39 and December 22 […]

556/68 Tuesday, December 30, 2025 Blockchain intelligence firm TRM Labs has revealed that vault backups stolen during the 2022 LastPass data breach are still being actively cracked, enabling ongoing cryptocurrency theft through 2025, particularly in cases where users set weak or insufficiently complex master passwords. This incident highlights how a single data breach can create […]

555/68 Tuesday, December 30, 2025 A hacker using the alias “Lovely” has published a database containing more than 2.3 million user records from WIRED[.]com on an underground hacker forum. Verification confirms that the leaked data is authentic and includes over 2.3 million email addresses along with subscriber identification details. Approximately 12% of the records contain […]

554/68 Monday, December 29, 2025 Cybersecurity researchers have identified a malicious NPM package named “Lotusbail”, which has been downloaded more than 56,000 times. The package masquerades as a WhatsApp Web API library built on top of Baileys. While it functions normally for sending and receiving messages, it secretly embeds capabilities to intercept sensitive user data, […]

553/68 Monday, December 29, 2025 A serious security vulnerability has been identified in MongoDB, tracked as CVE-2025-14847, with a CVSS score of 8.7. The flaw could allow unauthenticated remote attackers to read uninitialized heap memory from a MongoDB server. The issue stems from inconsistent handling of the length parameter in MongoDB’s Zlib-based network compression protocol, […]

552/68 Monday, December 29, 2025 Researchers from Kaspersky have disclosed the discovery of a highly sophisticated cyber-espionage campaign conducted by an advanced persistent threat (APT) group known as “Evasive Panda” (also referred to as Bronze Highland or StormBamboo), which has been linked to China. The operation took place between November 2022 and 2024, targeting victims […]

551/68 Friday, December 26, 2025 Fortinet has issued a security warning after detecting active exploitation of CVE-2020-12812 affecting FortiOS SSL VPN, a vulnerability that allows attackers to bypass two-factor authentication (2FA) by simply altering the letter casing of the username during login. For example, logging in as “Admin” instead of “admin” may allow access without […]

550/68 Friday, December 26, 2025 The Federal Bureau of Investigation (FBI) has seized the domain web3adspanels[.]org, along with its associated databases, after determining that it was being used as infrastructure to collect and manage stolen banking usernames and passwords from victims in the United States. The domain functioned as a backend web panel for cybercriminals, […]