ThaiCERT

229/68 Wednesday, June 25, 2025 Citrix has released critical security patches for vulnerabilities affecting its NetScaler ADC and NetScaler Gateway products, addressing serious flaws including CVE-2025-5777, which carries a CVSS score of 9.3. This vulnerability is classified as an out-of-bounds read, resulting from insufficient input validation. It allows attackers to craft specially designed requests to […]

228/68 Tuesday, June 24, 2025 On June 20, 2025, cryptocurrency price tracking platform CoinMarketCap experienced a supply chain attack that led to the injection of a malicious wallet drainer script into its homepage. During the incident, users who visited the site encountered a fake Web3 popup that mimicked a “Connect Wallet” prompt. Upon connecting, the […]

227/68 Tuesday, June 24, 2025 The Qilin ransomware group has escalated its operations by launching a new feature called “Call Lawyer”, offering legal advisory services to its affiliates to help pressure victims into paying ransom. According to cybersecurity firm Cybereason, Qilin is aiming to position itself as a major player in the Ransomware-as-a-Service (RaaS) ecosystem, […]

226/68 Monday, June 23, 2025 The Iranian government has officially confirmed that it has restricted nationwide internet access in response to escalating cyber tensions with Israel. Officials stated that the move was aimed at protecting critical infrastructure from cyberattacks and preventing adversaries from remotely controlling drones via internet networks. According to reports by Iranian news […]

225/68 Monday, June 23, 2025 In May 2025, Cloudflare—one of the world’s leading web infrastructure and cybersecurity companies—announced that it successfully mitigated the largest Distributed Denial of Service (DDoS) attack ever recorded, which peaked at a staggering 7.3 terabits per second (Tbps). The attack targeted a hosting provider and exceeded the previous record by 12%, […]

224/68 Friday, June 20, 2025 Veeam has released a security update to address a critical vulnerability in its Backup & Replication product. The flaw, tracked as CVE-2025-23121 and rated CVSS 9.9, allows authenticated domain users to execute arbitrary code remotely on the Backup Server, potentially leading to full system compromise. This vulnerability affects versions 12.3.1.1139 […]

223/68 Friday, June 20, 2025 A Russian state-linked hacking group has been detected using a highly targeted phishing technique that bypasses Gmail’s two-factor authentication (2FA) by exploiting a lesser-known Google feature called App-Specific Passwords (ASPs). According to Google’s Threat Intelligence Group, the campaign ran from April to early June, with attackers impersonating officials from the […]

222/68 Thursday, June 19, 2025 GreyNoise has reported widespread exploitation attempts targeting CVE-2023-28771, a critical Remote Code Execution (RCE) vulnerability (CVSS score: 9.8) affecting Zyxel devices’ IKE decoder via UDP port 500. On June 16, 2025, GreyNoise detected attack attempts from 244 unique IP addresses over a short timeframe, with primary targets located in the […]

221/68 Thursday, June 19, 2025 Cybersecurity researchers at Todyl have uncovered a new variant of the ClickFix malware, dubbed “LightPerlGirl”, on June 13, 2025. This variant was found embedded in a compromised WordPress-based travel website, used as part of a “waterholing” attack—a tactic where attackers lure victims through otherwise trusted websites. The site mimicked a […]

220/68 Wednesday, June 18, 2025 Trend Micro has released a report on a newly discovered ransomware strain named “Anubis”, which poses a serious threat due to its unique dual-functionality: it not only encrypts files but also features a “wipe mode” that permanently erases file contents. This destructive behavior makes data recovery impossible, even if the […]