Italy’s La Sapienza University Goes Offline Following Cyberattack

77/69 Monday, February 9, 2026 La Sapienza University in Rome, Italy, remains unable to fully restore its IT services after suffering a cyberattack on February 2, causing widespread operational disruptions. Students have been unable to book exams, verify tuition payments, or access faculty contact information. The university has primarily communicated updates through social media and […]

sittisak mintaboon

February 9, 2026

Shadow Campaigns: APT Espionage Operation Targets 155 Countries Worldwide

76/69 Monday, February 9, 2026 Unit 42 from Palo Alto Networks has revealed the discovery of a state-sponsored threat group tracked as TGR-STA-1030 (also known as UNC6619), believed to be operating from Asia. The group is responsible for a large-scale cyber espionage initiative dubbed “Shadow Campaigns,” primarily aimed at stealing strategic, economic, and political intelligence […]

sittisak mintaboon

February 9, 2026

Microsoft Warns Infostealer Malware Is Spreading to macOS, Using Python and Malvertising to Steal iCloud Keychain Data

75/69 Friday, February 6, 2026 Microsoft Defender security researchers have warned of a growing trend in infostealer malware targeting the macOS operating system. Attackers are leveraging Python to develop cross-platform malware and employing social engineering techniques such as ClickFix, along with malvertising campaigns on Google Ads, to trick users into downloading fake installers. Once installed, […]

sittisak mintaboon

February 6, 2026

CISA Warns VMware ESXi Vulnerability Is Being Exploited in Ransomware Campaigns

74/69 Friday, February 6, 2026 CISA has disclosed that ransomware groups have begun exploiting a VMware ESXi vulnerability related to virtual machine sandbox escape. The flaw, tracked as CVE-2025-22225, was previously used in zero-day attacks and is classified as an arbitrary write vulnerability that could allow attackers with privileges inside the VMX process to write […]

sittisak mintaboon

February 6, 2026

Cyberattack Campaign Targets NGINX Servers, Aiming at Government and Educational Websites Across Asia

73/69 Friday, February 6, 2026 Researchers from DataDog Security Labs have discovered a cyberattack campaign targeting NGINX servers, a widely used web traffic management software. Threat actors modify configuration files to secretly install redirect commands, routing user data through hacker-controlled infrastructure before forwarding it to the legitimate destination. The campaign primarily targets websites using Asian […]

sittisak mintaboon

February 6, 2026

Docker Users Urged to Update Immediately: DockerDash Vulnerability in AI Assistant “Ask Gordon” Risks Code Execution via Image Metadata

72/69 Thursday, February 5, 2026 Cybersecurity researchers from Noma Labs have disclosed a critical vulnerability named DockerDash affecting Ask Gordon, the AI assistant integrated into Docker Desktop and Docker CLI. The flaw allows attackers to perform Remote Code Execution (RCE) and secretly exfiltrate sensitive data by exploiting how the assistant reads and processes metadata attached […]

ThaiCERT

February 5, 2026

React Native Vulnerability Actively Exploited in the Wild

71/69 Thursday, February 5, 2026 Researchers from vulnerability intelligence firm VulnCheck have revealed that a critical vulnerability in the React Native platform has been actively exploited since late December. The flaw, tracked as CVE-2025-11953, carries a CVSS score of 9.8 (Critical) and affects the widely used @react-native-community/cli package, a key tool for developing React Native […]

ThaiCERT

February 5, 2026

Critical Zero-Day Vulnerabilities in Ivanti EPMM Actively Exploited – Immediate Patching Urged

70/69 Thursday, February 5, 2026 Cybersecurity experts have issued a warning after discovering two newly identified critical vulnerabilities (CVE-2026-1281 and CVE-2026-1340) in Ivanti Endpoint Manager Mobile (EPMM), a platform widely used by large organizations to manage employee mobile devices. These flaws carry a severity score of 9.8 out of 10, as they allow attackers to […]

ThaiCERT

February 5, 2026

Researchers Discover Over 200 Malicious Skills on OpenClaw Distributing Password-Stealing Malware

69/69 Wednesday, February 4, 2026 Security researchers have identified a large number of malicious add-on packages, or “Skills,” targeting OpenClaw-an open-source personal AI assistant formerly known as Moltbot and ClawdBot. These threats were discovered on the official registry (ClawHub) and GitHub between January 27 and February 1. More than 230 harmful Skills were found impersonating […]

ThaiCERT

February 4, 2026

Panera Bread Data Breach Impacts 5.1 Million Accounts, Confirmed by HIBP

68/69 Wednesday, February 4, 2026 Have I Been Pwned (HIBP) has confirmed that the Panera Bread data breach affected approximately 5.1 million user accounts, a figure significantly lower than the 14 million accounts previously claimed by the cybercriminal group ShinyHunters. The group alleged that it had gained access to Panera Bread’s systems and stolen a […]

ThaiCERT

February 4, 2026
1 2 3 73