ThaiCERT

344/68 Tuesday, September 16, 2025 Okta Threat Intelligence has uncovered a new phishing platform called VoidProxy, categorized as Phishing-as-a-Service (PhaaS). It provides cybercriminals with a full toolkit to conduct attacks, with a key capability being its ability to bypass Multi-Factor Authentication (MFA) for Microsoft and Google accounts using an Adversary-in-the-Middle (AitM) technique to intercept sensitive […]

343/68 Tuesday, September 16, 2025 The ShinyHunters hacking group has successfully breached the systems of the National Credit Information Center of Vietnam (CIC). Investigators confirmed evidence of unauthorized access, with leaked data containing sensitive customer information tied to several leading Vietnamese financial institutions, including VietCredit, MB Bank, Ocean Bank, VPBank, and Agribank. Authorities in Vietnam, […]

342/68 Monday, September 15, 2025 Samsung has released its monthly Android security update, which includes a fix for the critical zero-day vulnerability CVE-2025-21043 (CVSS 8.8). The flaw is an out-of-bounds write in the libimagecodec.quram.so library that could allow attackers to execute remote malicious code. According to a 2020 report by Google Project Zero, libimagecodec.quram.so is […]

341/68 Monday, September 15, 2025 The U.S. Federal Bureau of Investigation (FBI) has issued a Flash Alert warning of ongoing cyberattacks by two groups, UNC6040 and UNC6395, which are increasingly targeting the Salesforce platform. The primary objective of these campaigns is to steal sensitive organizational data and conduct extortion. The alert also includes Indicators of […]

340/68 Monday, September 15, 2025 Researchers have uncovered a new ransomware strain called “HybridPetya”, which merges features of the infamous Petya and NotPetya malware that caused devastating outbreaks in 2016–2017. The alarming aspect of HybridPetya lies in its ability to bypass the UEFI Secure Boot security mechanism, enabling it to implant malicious code into the […]

339/68 Friday, September 12, 2025 Security researchers from the Netherlands have uncovered a new Android malware strain called RatOn, which evolved from NFC relay tools into a sophisticated Remote Access Trojan (RAT). RatOn is equipped with Automated Transfer System (ATS) capabilities to manipulate financial transactions, combining features such as overlay attacks, automated transfers, and NFC […]

338/68 Friday, September 12, 2025 The KillSec ransomware group has claimed responsibility for a cyberattack against MedicSolution, a Brazilian healthcare software provider, threatening to leak stolen data if negotiations are not initiated. According to a report by Resecurity, the incident stemmed from data exfiltration via an unsecured AWS S3 bucket, which had been left exposed […]

337/68 Friday, September 12, 2025 Cybersecurity experts at Rapid7 have issued an urgent warning about escalating cyberattacks, as the Akira ransomware group has resumed exploiting vulnerabilities in SonicWall appliances. These include critical flaws that were already abused last year. Contrary to earlier suspicions of a new zero-day exploit, the attacks are leveraging known vulnerabilities such […]

336/68 Thursday, September 11, 2025 The recent incident involving the severing of undersea internet cables in the Red Sea over the weekend significantly reduced internet speeds in several countries, particularly in the Middle East, India, and Pakistan. The International Cable Protection Committee (ICPC) stated that the cause was most likely an accident related to maritime […]

335/68 Thursday, September 11, 2025 SAP has issued security updates addressing multiple vulnerabilities, including three critical flaws affecting SAP NetWeaver and one high-severity flaw in SAP S/4HANA. The details are as follows: In addition, CVE-2025-42957 (CVSS 9.9) in S/4HANA, which was patched in August 2025, has already been confirmed as under active exploitation. While there […]