Google Patches First Chrome Zero-Day Vulnerability of the Year

122/68 Friday, March 28, 2025 Google has addressed the first zero-day vulnerability of the year in Chrome for Windows, which was actively exploited in attacks targeting organizations in Russia. Tracked as CVE-2025-2783, the vulnerability stems from improper handle management in Mojo, the IPC (Inter-Process Communication) system used in Chromium-based browsers. The issue was discovered and […]

ThaiCERT

March 28, 2025

UK Fines Software Provider £3.07 Million Over Ransomware Data Breach Impacting NHS Patients

121/68 Friday, March 28, 2025 The UK Information Commissioner’s Office (ICO) has fined Advanced Computer Software Group Ltd £3.07 million (approximately 135 million baht) following a ransomware attack in 2022 that resulted in the personal data of 79,404 individuals, including NHS patients, being compromised. The breach severely impacted several healthcare services, including the NHS 111 […]

ThaiCERT

March 28, 2025

Astral Foods Loses Over $1 Million to Cyberattack Disrupting Production and Delivery

120/68 Thursday, March 27, 2025 Astral Foods, South Africa’s largest poultry producer, disclosed that it suffered a cyberattack on March 16, 2025, which temporarily disrupted operations in its Poultry Division, including production and delivery. The incident caused the company to incur financial losses exceeding 20 million South African Rand (approximately $1 million USD). The company […]

ThaiCERT

March 27, 2025

Hackers Exploit Microsoft’s .NET MAUI to Spread Android Malware

119/68 Thursday, March 27, 2025 Researchers from McAfee Labs have revealed that cybercriminals are abusing Microsoft’s .NET MAUI (Multi-platform App UI) framework to distribute Android malware capable of operating across platforms. Originally designed by Microsoft to replace Xamarin and expand beyond mobile platforms, .NET MAUI is now being misused to embed malicious code into seemingly […]

ThaiCERT

March 27, 2025

Cyberattack Disrupts Ukrainian Railway’s Online Ticketing System, Impacting Passengers Nationwide

118/68 Wednesday, March 26, 2025 Ukrzaliznytsia, Ukraine’s national railway operator, has been hit by a large-scale cyberattack that brought down its online ticketing system, affecting both mobile apps and the official website. The disruption forced a surge of passengers to physical ticket counters, causing overcrowding, delays, and widespread frustration among travelers across the country. Despite […]

ThaiCERT

March 26, 2025

Cloak Ransomware Attacks Virginia Attorney General’s Office

116/68 Tuesday, March 25, 2025 The Cloak ransomware group has claimed responsibility for a cyberattack targeting the Virginia Attorney General’s Office in February 2025. The incident forced the agency to shut down its IT systems, including email and VPN, and temporarily revert to paper-based operations. The breach was reported to the FBI, state police, and […]

ThaiCERT

March 25, 2025

Cloudflare Disables HTTP Connections, Enforces HTTPS-Only Access for Enhanced Security

115/68 Tuesday, March 25, 2025 Cloudflare, a leading network and security provider, has officially disabled all HTTP connections to api.cloudflare[.]com, enforcing HTTPS-only access to improve data security. This move aims to eliminate the risk of sensitive data exposure—such as API keys or tokens—over unsecured channels, especially on public networks vulnerable to Man-in-the-Middle (MitM) attacks. While […]

ThaiCERT

March 25, 2025

Exploits Detected Targeting Vulnerabilities in Cisco Smart Licensing Utility

114/68 Monday, March 24, 2025 Cybersecurity experts have issued warnings following the discovery of active attacks exploiting two newly disclosed vulnerabilities in Cisco Smart Licensing Utility—CVE-2024-20439 and CVE-2024-20440. Both flaws, recently patched by Cisco, are rated Critical with a CVSS score of 9.8. Details of the Vulnerabilities: Although Cisco has released software updates to address […]

ThaiCERT

March 24, 2025

Warning! Hackers Use Fake Chatbots to Steal Instagram Business Accounts

113/68 Monday, March 24, 2025 A new phishing scheme is targeting Instagram business accounts by using fake chatbots and spoofed support emails to trick users into handing over their login credentials. According to the Cofense Phishing Defense Center, the attack begins with a fake notification email claiming that a user’s ad has been suspended due […]

ThaiCERT

March 24, 2025
1 2 20