ThaiCERT

407/68 Thursday, October 16, 2025 The U.S. Department of Justice (DOJ) announced the seizure of more than $15 billion worth of cryptocurrency (approximately 560 billion THB) from the leaders of the cybercrime network known as Prince Group, which orchestrated a massive crypto investment scam, also referred to as “Pig Butchering.” Victims were tricked into transferring […]

406/68 Thursday, October 16, 2025 Harvard University has confirmed that it was targeted in a cyberattack exploiting a vulnerability in Oracle E-Business Suite (EBS), after the Cl0p ransomware group published over 1.3 terabytes of data on its leak site on the Tor network. The university stated that the incident only affected a “small administrative unit” […]

405/68 Thursday, October 16, 2025 FortiGuard Labs, a cybersecurity research company, has disclosed a new wave of attacks spreading an information-stealing malware known as “Stealit.” Threat actors are disguising Stealit inside fake game and VPN installers, which they then upload to popular file-sharing platforms such as Mediafire and Discord to lure unsuspecting users into downloading […]

404/68 Wednesday, October 15, 2025 Unity Technologies, the developer of the Unity game engine-a widely used tool for building 3D games and applications-has confirmed that the website for SpeedTree, its graphics software and plugin marketplace, was compromised with malicious code on its payment page, resulting in the theft of customer data. The incident was detected […]

403/68 Wednesday, October 15, 2025 Researchers from the threat monitoring platform GreyNoise have detected a massive campaign leveraging over 100,000 botnet IP addresses worldwide to attack Remote Desktop Protocol (RDP) services in the United States. The campaign, which began on October 8, 2025, originates from multiple countries, including Brazil, Argentina, Iran, China, Mexico, Russia, South […]

402/68 Wednesday, October 15, 2025 On October 14, 2025, Microsoft officially ended support (End of Support – EOS) for the Windows 10 operating system. This means that the company will no longer provide software updates, technical support, or free security patches. As a result, hundreds of millions of computers worldwide that still rely on Windows […]

401/68 Tuesday, October 14, 2025 Cybersecurity authorities have issued a warning about a new scam in the United States after detecting a Smishing campaign (phishing via SMS) targeting New Yorkers. Threat actors are sending fraudulent text messages impersonating the New York State Department of Taxation and Finance, claiming to be part of an “Inflation Refund […]

400/68 Tuesday, October 14, 2025 Oracle has issued a security advisory regarding a newly discovered vulnerability affecting Oracle E-Business Suite (EBS) that could allow attackers to access sensitive information without authentication. Tracked as CVE-2025-61884, the flaw carries a CVSS score of 7.5 (High Severity) and impacts versions 12.2.3 through 12.2.14. According to the National Vulnerability […]

399/68 Tuesday, October 14, 2025 Threat actors tracked as Storm-2603-also known as CL-CRI-1040 and Gold Salem-have been observed weaponizing Velociraptor, an open-source digital forensics and incident response (DFIR) tool widely used by security professionals, turning it into a weapon for ransomware attacks. According to Cisco Talos, the group exploited a SharePoint vulnerability dubbed “ToolShell” to […]

398/68 Friday, October 10, 2025 OpenAI announced that it has suspended accounts linked to three hacker groups that misused ChatGPT to aid in the development of malware and cyberattack tools. One of the groups, a Russian-speaking threat actor, reportedly used the AI model to help build and refine a Remote Access Trojan (RAT) and data-stealing […]