ThaiCERT

188/68 Friday, May 23, 2025 Security researchers from Codean Labs have disclosed a critical vulnerability in the OpenPGP.js JavaScript library (CVE-2025-47934), an open-source implementation used for encryption and digital signing. The flaw affects versions 5.0.1 to 5.11.2 and 6.0.0 to 6.1.0, and allows attackers to spoof digital signatures in inline-signed or signed+encrypted messages. Detached signatures […]

187/68 Friday, May 23, 2025 Google has introduced a new feature in the Chrome browser that allows its built-in password manager to automatically change user passwords when they are found to be compromised in a data breach. According to Google engineers Ashima Arora, Chirag Desai, and Eiji Kitamura, when Chrome detects that a password has […]

186/68 Thursday, May 22, 2025 Researchers from DomainTools Intelligence (DTI) have uncovered a large-scale cyber campaign in which over 100 fake Google Chrome extensions were created and distributed since February 2024. These malicious extensions were disguised as legitimate tools for productivity, VPNs, cryptocurrency, finance, and other services. They were promoted via phishing websites that closely […]

185/68 Thursday, May 22, 2025 A recent cyber threat activity report by ESET reveals a significant rise in Advanced Persistent Threat (APT) operations originating from Asia, particularly those linked to China and North Korea. These APT groups accounted for over 55% of all documented cyberattacks between Q4 2024 and Q1 2025. While Europe remains the […]

184/68 Wednesday, May 21, 2025 Mozilla has released a security update for its Firefox browser to address two zero-day vulnerabilities that were exploited during the Pwn2Own Berlin 2025 hacking contest. These flaws could allow attackers to access sensitive data or execute malicious code in memory, and the exploits earned researchers a combined $100,000 in prize […]

183/68 Wednesday, May 21, 2025 Cybersecurity experts from WithSecure have issued a warning about a cyberattack campaign involving a fake version of the popular password manager KeePass. Attackers modified the open-source KeePass code to create a trojanized version called “KeeLoader”, which retains the full functionality of the original software but secretly includes malicious code. This […]

182/68 Tuesday, May 20, 2025 The U.S. Federal Bureau of Investigation (FBI) has issued a warning about a cyberattack campaign involving smishing (SMS phishing) and AI-generated deepfake voice messages (vishing) aimed at current and former federal and state government officials. Threat actors are impersonating high-ranking U.S. officials—such as cabinet secretaries or agency directors—to trick victims […]

181/68 Tuesday, May 20, 2025 Cybersecurity experts have uncovered a serious threat to global energy infrastructure after discovering undocumented components—so-called “kill switches”—embedded in electrical inverters manufactured in China. These include hidden cellular modems, raising concerns that China could remotely disable power grid systems, especially during times of conflict. Such an attack could cause widespread blackouts […]

180/68 Monday, May 19, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming they are being actively exploited. These include flaws in Google Chromium, DrayTek Vigor routers, and SAP NetWeaver. Details of the vulnerabilities: CISA emphasized that mitigating KEV-listed vulnerabilities is […]

179/68 Monday, May 19, 2025 Dynamic DNS (DDNS) services, originally designed to conveniently map frequently changing IP addresses to domain names, are increasingly being exploited by cybercriminal groups such as Scattered Spider and various phishing actors. These groups use rented subdomains from DDNS providers to disguise malicious activity and spoof identities, making detection and tracking […]