ThaiCERT

425/68 Monday, October 27, 2025 The Federal Service for Veterinary and Phytosanitary Surveillance, under Russia’s Ministry of Agriculture, suffered a major DDoS attack that temporarily disrupted its agricultural and chemical tracking systems, VetIS and Saturn. The incident severely impacted food transportation across the country, particularly the Mercury subsystem, which is used to issue electronic veterinary […]

424/68 Monday, October 27, 2025 Microsoft has released an out-of-band security update to fix a severe vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287 with a CVSS score of 9.8. The flaw – a deserialization of untrusted data – allows a remote attacker to send a specially crafted cookie to the GetCookie() endpoint […]

423/68 Monday, October 27, 2025 Researchers from Palo Alto Networks Unit 42 have uncovered evidence of a large-scale, ongoing smishing (SMS phishing) operation tied to a China-based threat actor group known as the “Smishing Triad.” The group has been linked to more than 194,000 malicious domains. Since January 1, 2024, the group has been distributing […]

422/68 Friday, October 24, 2025 Meta has introduced a new set of tools designed to help WhatsApp and Messenger users protect themselves from online scammers and enhance account security. Messenger has begun testing an advanced scam detection system that alerts users when a new contact sends a suspicious message. Users can also choose to submit […]

421/68 Friday, October 24, 2025 Researchers from Darktrace have disclosed that the Chinese-linked APT group Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, UNC5807, and RedMike) breached a major European telecom company in July 2025 by exploiting a Citrix NetScaler Gateway vulnerability as the initial access vector. The attack began with the exploitation of […]

420/68 Friday, October 24, 2025 Taiwanese networking equipment manufacturer TP-Link has released two security advisories this week regarding four critical vulnerabilities affecting more than ten models of its Omada Gateway devices across the ER, G, and FR series. The company has already issued firmware updates to address these flaws and strongly advises all users of […]

419/68 Wednesday, October 22, 2025 Japanese retailer Muji has announced the temporary suspension of its online store after logistics partner Askul Corporation suffered a ransomware attack. The incident disrupted Muji’s product delivery systems and impacted its main website, preventing customers from browsing or placing online orders, as well as checking their purchase history via the […]

418/68 Wednesday, October 22, 2025 Researchers from The Shadowserver Foundation have discovered that more than 75,835 WatchGuard Firebox devices exposed to the internet worldwide are vulnerable to a critical flaw tracked as CVE-2025-9242 (CVSS 9.3). This vulnerability could allow remote code execution without authentication. The majority of exposed devices are located in Europe and North […]

417/68 Wednesday, October 22, 2025 The concept of Bring Your Own Device (BYOD), where employees use personal devices for work, is now expanding into a new risk area known as Bring Your Own Car (BYOC). At the recent BSides NYC conference, researchers from cybersecurity firm Threatlight showcased a new proof-of-concept (PoC) attack demonstrating how a […]

416/68 Tuesday, October 21, 2025 Envoy Air, a regional airline under American Airlines, has confirmed that it was affected by a cyberattack targeting Oracle E-Business Suite (EBS) systems, carried out by the Cl0p ransomware group, which is linked to the FIN11 cybercrime syndicate. The attackers added American Airlines to their leak site on the dark […]