ThaiCERT

32/69 Monday, January 19, 2026 Cybersecurity researchers have disclosed a high-severity privilege escalation vulnerability in Google’s Vertex AI platform that could allow low-privileged users to escalate their access and take control of Service Agent accounts, which are system-managed identities with elevated permissions. The vulnerability affects Vertex AI Agent Engine and Ray on Vertex AI and […]

31/69 Monday, January 19, 2026 A recent report by cybersecurity researchers LayerX and Koi Security has uncovered 17 malicious browser extensions on the Google Chrome Web Store, Firefox Add-ons, and Microsoft Edge Add-ons, with a combined total of more than 840,000 installations. These extensions are part of a malware operation dubbed “GhostPoster,” disguising itself as […]

30/69 Friday, January 16, 2026 Researchers from GreyNoise have revealed the detection of a large-scale wave of cyberattack attempts targeting artificial intelligence (AI) systems, particularly Ollama and infrastructures connected to OpenAI, between October 2025 and January 2026. Honeypots simulating AI servers recorded a total of 91,403 attack sessions. Analysts assess that the primary objective of […]

29/69 Friday, January 16, 2026 Kyowon Group, a major South Korean conglomerate, has confirmed that it detected a cyberattack that disrupted its operations and resulted in data being stolen from its systems. The company stated that the incident, identified as a ransomware attack, was discovered in early January, during which threat actors were able to […]

28/69 Friday, January 16, 2026 Cybersecurity researchers have issued a warning about the rapid spread of a new botnet known as Kimwolf, which has branched off from the Aisuru group. The botnet has already taken control of more than 2 million non-certified Android TV boxes within a short period of time. A notable aspect of […]

27/69 Thursday, January 15, 2026 Researchers from cybersecurity firm Black Duck have identified a vulnerability in Broadcom Wi-Fi chipsets, which are widely used in both enterprise-grade and consumer routers. The issue was initially discovered during testing of ASUS routers and was later confirmed in coordination with manufacturers to stem from software flaws within the Broadcom […]

26/69 Thursday, January 15, 2026 AZ Monica Hospital in Belgium, a general hospital providing inpatient, outpatient, and specialized medical services in the cities of Antwerp and Deurne, has disclosed that it was impacted by a cyberattack. As a result, the hospital was forced to temporarily shut down all servers, cancel scheduled procedures and surgeries, and […]

25/69 Thursday, January 15, 2026 ServiceNow, a large-scale IT service management platform used by 85% of Fortune 500 companies, has been found to contain what security researchers describe as “the most severe AI-driven vulnerability ever discovered.” The issue stems from ServiceNow’s integration of a new agentic AI system with its legacy Virtual Agent chatbot, which […]

24/69 Wednesday, January 14, 2026 The AhnLab Security Intelligence Center (ASEC) has identified a cyberattack campaign leveraging social engineering techniques to create psychological pressure through phishing emails. The emails use subject lines related to monthly performance evaluation reports and reference potential employee layoffs, aiming to induce panic and prompt recipients to urgently open the attached […]

23/69 Wednesday, January 14, 2026 The Everest ransomware group has claimed that it breached the systems of Nissan Motor Corporation and exfiltrated approximately 900 GB of internal data. According to the attackers, the stolen data includes internal documents and screenshots from various corporate systems. The group published these claims on its dark web leak site […]