ThaiCERT

180/68 Monday, May 19, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming they are being actively exploited. These include flaws in Google Chromium, DrayTek Vigor routers, and SAP NetWeaver. Details of the vulnerabilities: CISA emphasized that mitigating KEV-listed vulnerabilities is […]

179/68 Monday, May 19, 2025 Dynamic DNS (DDNS) services, originally designed to conveniently map frequently changing IP addresses to domain names, are increasingly being exploited by cybercriminal groups such as Scattered Spider and various phishing actors. These groups use rented subdomains from DDNS providers to disguise malicious activity and spoof identities, making detection and tracking […]

178/68 Friday, May 16, 2025 Fortinet has released a patch to fix a critical zero-day vulnerability that was actively exploited in FortiVoice Enterprise, an enterprise VoIP (voice over IP) system. The vulnerability, tracked as CVE-2025-32756, is a stack-based buffer overflow flaw that allows unauthenticated remote attackers to execute arbitrary code or commands via specially crafted […]

177/68 Friday, May 16, 2025 Researchers have uncovered a new ad fraud network named Kaleidoscope, targeting Android users with unskippable ads that cause significant disruption and frustration. Traditionally, ad fraud mainly affects advertisers, who pay for impressions or clicks that are not genuine—often generated by bots or deceptive tricks. These malicious activities typically run in […]

176/68 Thursday, May 15, 2025 Adobe has released its scheduled Patch Tuesday security updates, addressing more than 39 vulnerabilities across various products. The company issued warnings about the risk of remote code execution (RCE), which could allow attackers to gain unauthorized access to systems or escalate privileges. The most critical updates affect Adobe ColdFusion, with […]

175/68 Thursday, May 15, 2025 Ivanti has issued an urgent security advisory urging customers to immediately update their Endpoint Manager Mobile (EPMM) software after discovering two critical vulnerabilities that can be chained together to allow unauthenticated remote code execution by attackers. The first vulnerability, CVE-2025-4427, is an authentication bypass on the EPMM API that enables […]

174/68 Wednesday, May 14, 2025 Cybersecurity researchers at Morphisec have issued a warning about a new cyberattack campaign that exploits the popularity of AI tools to trick users into downloading a newly discovered malware called Noodlophile Stealer. This information stealer malware is being spread under the guise of fake AI applications like “Dream Machine” or […]

173/68 Wednesday, May 14, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a significant change in how it shares cybersecurity-related information. Starting May 12, 2025, CISA will discontinue general updates on its “Cybersecurity Alerts & Advisories” webpage and will shift to using social media and email as primary channels for disseminating cybersecurity […]

172/68 Tuesday, May 13, 2025 South African Airways (SAA), the national carrier of South Africa, confirmed that it experienced a cyberattack on May 3, 2025, which temporarily disrupted its website, mobile app, and some internal operating systems. However, flight operations and core services remained unaffected. The airline’s IT team quickly brought the situation under control, […]

171/68 Tuesday, May 13, 2025 Following the April 22, 2025, shooting incident targeting tourists in Pahalgam, Kashmir, tensions between India and Pakistan have rapidly escalated into the cyber domain. Hacktivist groups from across Asia, the Middle East, and North Africa (MENA) have united under an operation dubbed #OpIndia, targeting Indian government agencies and critical infrastructure. […]