ThaiCERT

182/68 Tuesday, May 20, 2025 The U.S. Federal Bureau of Investigation (FBI) has issued a warning about a cyberattack campaign involving smishing (SMS phishing) and AI-generated deepfake voice messages (vishing) aimed at current and former federal and state government officials. Threat actors are impersonating high-ranking U.S. officials—such as cabinet secretaries or agency directors—to trick victims […]

181/68 Tuesday, May 20, 2025 Cybersecurity experts have uncovered a serious threat to global energy infrastructure after discovering undocumented components—so-called “kill switches”—embedded in electrical inverters manufactured in China. These include hidden cellular modems, raising concerns that China could remotely disable power grid systems, especially during times of conflict. Such an attack could cause widespread blackouts […]

180/68 Monday, May 19, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming they are being actively exploited. These include flaws in Google Chromium, DrayTek Vigor routers, and SAP NetWeaver. Details of the vulnerabilities: CISA emphasized that mitigating KEV-listed vulnerabilities is […]

179/68 Monday, May 19, 2025 Dynamic DNS (DDNS) services, originally designed to conveniently map frequently changing IP addresses to domain names, are increasingly being exploited by cybercriminal groups such as Scattered Spider and various phishing actors. These groups use rented subdomains from DDNS providers to disguise malicious activity and spoof identities, making detection and tracking […]

178/68 Friday, May 16, 2025 Fortinet has released a patch to fix a critical zero-day vulnerability that was actively exploited in FortiVoice Enterprise, an enterprise VoIP (voice over IP) system. The vulnerability, tracked as CVE-2025-32756, is a stack-based buffer overflow flaw that allows unauthenticated remote attackers to execute arbitrary code or commands via specially crafted […]

177/68 Friday, May 16, 2025 Researchers have uncovered a new ad fraud network named Kaleidoscope, targeting Android users with unskippable ads that cause significant disruption and frustration. Traditionally, ad fraud mainly affects advertisers, who pay for impressions or clicks that are not genuine—often generated by bots or deceptive tricks. These malicious activities typically run in […]

176/68 Thursday, May 15, 2025 Adobe has released its scheduled Patch Tuesday security updates, addressing more than 39 vulnerabilities across various products. The company issued warnings about the risk of remote code execution (RCE), which could allow attackers to gain unauthorized access to systems or escalate privileges. The most critical updates affect Adobe ColdFusion, with […]

175/68 Thursday, May 15, 2025 Ivanti has issued an urgent security advisory urging customers to immediately update their Endpoint Manager Mobile (EPMM) software after discovering two critical vulnerabilities that can be chained together to allow unauthenticated remote code execution by attackers. The first vulnerability, CVE-2025-4427, is an authentication bypass on the EPMM API that enables […]

174/68 Wednesday, May 14, 2025 Cybersecurity researchers at Morphisec have issued a warning about a new cyberattack campaign that exploits the popularity of AI tools to trick users into downloading a newly discovered malware called Noodlophile Stealer. This information stealer malware is being spread under the guise of fake AI applications like “Dream Machine” or […]

173/68 Wednesday, May 14, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a significant change in how it shares cybersecurity-related information. Starting May 12, 2025, CISA will discontinue general updates on its “Cybersecurity Alerts & Advisories” webpage and will shift to using social media and email as primary channels for disseminating cybersecurity […]