BadAudio Uses Advanced Evasion Techniques to Infiltrate Enterprise Networks Persistently

485/68 Monday, November 24, 2025 Security researchers are warning about a long-running cyber-espionage campaign, active for nearly three years, that leverages supply-chain attacks and multiple infection techniques to distribute the “BadAudio” malware to a wide range of targets. The attackers spread the malware through website compromises, embedding malicious code into files from partner companies, and highly targeted […]

ThaiCERT

November 24, 2025

SolarWinds Patches Three Critical Vulnerabilities in Serv-U Products

484/68 Monday, November 24, 2025 SolarWinds has released a security update addressing three critical vulnerabilities in its Serv-U File Transfer Solution that could allow attackers to execute arbitrary code remotely (Remote Code Execution – RCE). All vulnerabilities affect Serv-U version 15.5.2.2.102 and have been fixed in version 15.5.3. Details of the patched vulnerabilities include: SolarWinds […]

ThaiCERT

November 24, 2025

CISA Warns of Critical Zero-Day Vulnerability in Oracle Identity Manager Now Actively Exploited

483/68 Monday, November 24, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle Identity Manager vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming that attackers are actively exploiting it in the wild. The flaw, CVE-2025-61757, carries a CVSS score of 9.8/10 and stems from an authentication validation failure. It […]

ThaiCERT

November 24, 2025

Operation WrtHug Targets Over 50,000 ASUS Routers to Build a Global Botnet

482/68 Friday, November 21, 2025 Researchers have uncovered a cyberattack campaign known as Operation WrtHug, which targets older and near end-of-life (EOL) ASUS routers (over 50,000 devices worldwide) with the goal of creating a massive botnet. The largest concentrations of compromised devices were found in Taiwan, the United States, and Russia. Most affected routers were using ASUS […]

ThaiCERT

November 21, 2025

Hackers Are Exploiting 7-Zip RCE Vulnerability (CVE-2025-11001)

481/68 Friday, November 21, 2025 NHS England Digital has issued an alert regarding a security vulnerability in the 7-Zip file archiving software, identified as CVE-2025-11001 (CVSS 7.0), which is now being actively exploited. The flaw allows attackers to execute arbitrary code remotely (RCE). The 7-Zip development team has already released a fix in version 25.00, […]

ThaiCERT

November 21, 2025

Sneaky2FA Attack Toolkit Upgrades Browser-in-the-Browser Techniques to Steal Microsoft 365 Accounts More Convincingly

480/68 Friday, November 21, 2025 A recent report from Push Security reveals that the Phishing-as-a-Service (PhaaS) toolkit known as Sneaky2FA has enhanced its capabilities by integrating Browser-in-the-Browser (BitB) techniques. This upgrade allows attackers to steal Microsoft 365 login credentials and session tokens with a high degree of realism. The BitB method enables the toolkit to […]

ThaiCERT

November 21, 2025

Google Issues Emergency Patch for Chrome Zero-Day Actively Exploited in Attacks

479/68 Thursday, November 20, 2025 Google has released an emergency security update to patch a Zero-Day vulnerability in Chrome that has been actively exploited. The flaw, tracked as CVE-2025-13223, is rated High Severity and stems from a Type Confusion bug in the V8 JavaScript engine. The issue was discovered by Clement Lecigne of Google’s Threat […]

ThaiCERT

November 20, 2025

Microsoft Mitigates the Largest Cloud DDoS Attack Ever Recorded – Peaking at 15.7 Tbps

478/68 Thursday, November 20, 2025 Microsoft has revealed that Azure DDoS Protection successfully detected and mitigated a massive Distributed Denial-of-Service (DDoS) attack on October 24, 2025. The attack reached a peak volume of 15.72 Tbps and 3.64 billion packets per second (pps), making it the largest cloud-based DDoS attack ever recorded. The target was a […]

ThaiCERT

November 20, 2025

Security Alert! “RondoDox” Botnet Targets XWiki Servers via Critical CVE-2025-24893 Vulnerability

477/68 Thursday, November 20, 2025 Cybersecurity experts are closely monitoring the rapid spread of RondoDox, a large-scale botnet now exploiting a critical vulnerability in the XWiki platform. The flaw, tracked as CVE-2025-24893, is a Remote Code Execution (RCE) vulnerability that allows attackers to execute arbitrary malicious code on vulnerable systems. The U.S. Cybersecurity and Infrastructure […]

ThaiCERT

November 20, 2025

Ransomware Group Everest Claims Breach of Under Armour, Stealing Data of Millions of Customers

476/68 Wednesday, November 19, 2025 The Everest ransomware group claims to have breached the systems of Under Armour, Inc., a major U.S. sportswear company, stealing over 343 GB of internal corporate data, including personal information belonging to millions of customers across multiple countries. The attackers published sample data on their Dark Web site to prove […]

ThaiCERT

November 19, 2025