Qualcomm Releases Patches for Three Actively Exploited Zero-Day Vulnerabilities

200/68 Wednesday, June 4, 2025 Qualcomm has issued patches to address three zero-day vulnerabilities that have been actively exploited in the wild. These flaws were reported by Google’s Android Security team and are tracked as CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038. The company distributed the patches to OEMs in May 2025 and strongly recommends immediate updates. Details […]

ThaiCERT

June 4, 2025

Australia Introduces New Law Requiring Organizations to Report Ransomware Payments

199/68 Wednesday, June 4, 2025 Australia has introduced new regulations mandating organizations with annual revenues of over AUD 3 million (approximately USD 2 million) to report ransomware payments and any related communications within 72 hours of the incident. The move is part of Australia’s broader national cybersecurity strategy, which aims to position the country as […]

ThaiCERT

June 4, 2025

“PumaBot” – New Botnet Targets Linux-Based IoT Devices to Steal SSH Credentials and Mine Cryptocurrency

197/68 Friday, May 30, 2025 Cybersecurity firm Darktrace has discovered a new botnet dubbed “PumaBot”, which is actively targeting Internet of Things (IoT) devices running on Linux. Unlike traditional widespread scans, PumaBot uses SSH brute-force attacks to compromise devices and expand its botnet network. It pulls a curated list of IP addresses from an external […]

ThaiCERT

May 30, 2025

DragonForce Exploits SimpleHelp Vulnerabilities to Launch Supply Chain Attacks on MSPs

196/68 Thursday, May 29, 2025 The ransomware group DragonForce has been identified as the actor behind a series of supply chain attacks targeting Managed Service Providers (MSPs). The attackers exploited vulnerabilities in SimpleHelp, a widely used Remote Monitoring and Management (RMM) platform, to breach MSP networks, conduct reconnaissance on client environments, exfiltrate sensitive data, and […]

ThaiCERT

May 29, 2025

Fake AI Ads on Facebook Spread Malware to Steal Personal Data, Researchers Warn

195/68 Thursday, May 29, 2025 Cybersecurity researchers have issued a warning about a large-scale malware campaign spreading across social media platforms, particularly Facebook and LinkedIn. A threat actor known as UNC6032 is exploiting growing public interest in artificial intelligence by distributing fake advertisements promoting AI-powered video generation tools. These ads claim to offer text-to-video AI […]

ThaiCERT

May 29, 2025

Fake TikTok Videos Lure Users into Installing Vidar and StealC Malware

193/68 Wednesday, May 28, 2025 Cybersecurity experts at Trend Micro have uncovered a malicious campaign where cybercriminals are leveraging AI-generated TikTok videos to trick users into executing PowerShell commands that install dangerous malware such as Vidar and StealC. The videos claim to show users how to activate popular software like Windows, Microsoft Office, CapCut, or […]

ThaiCERT

May 28, 2025

Operation ENDGAME Dismantles Global Ransomware Infrastructure

192/68 Tuesday, May 27, 2025 Between May 19–22, 2025, law enforcement agencies from multiple countries carried out Operation ENDGAME, a large-scale coordinated cybercrime takedown led by Europol and Eurojust, aimed at dismantling the global infrastructure used to distribute ransomware. The operation resulted in the seizure of over 300 servers, the shutdown of more than 650 […]

ThaiCERT

May 27, 2025

Hackers Increasingly Abuse Legitimate Remote Access Tools Like ConnectWise in 2025

191/68 Tuesday, May 27, 2025 A May 2025 report by Cofense Intelligence highlights a troubling cybersecurity trend: cybercriminals are increasingly abusing legitimate remote access tools (RATs) such as ConnectWise and Splashtop to infiltrate computer systems. Originally designed for IT professionals, these trusted tools have become double-edged swords — their legitimacy and familiarity allow them to […]

ThaiCERT

May 27, 2025
1 15 16 17 45