When War Headlines Become a Cyber Weapon
Cyber threats no longer arrive in the same familiar forms. They do not always begin with a poorly written email, a suspicious attachment, or a file name that looks obviously malicious from the start. Sometimes, they arrive disguised as breaking news. News that feels urgent. News that appears relevant. News people are likely to open […]
New Android Malware Uses AI to Click Hidden Browser Ads
📌 What Is It? A newly spotted family of Android malware is using artificial intelligence (AI) to perform click-fraud — i.e., automatically generating fake ad clicks to make money for attackers. Unlike older malware that used scripted rules, this one leverages machine learning to visually identify ads and interact with them, mimicking real user behavior. […]
Microsoft Confirms Windows 11 Lock Screen Password Option Bug in Recent Updates
Microsoft has issued a warning to Windows 11 users regarding a user interface bug introduced by updates released since August 2025, which may cause the password sign-in option to disappear from the lock screen. Although the option is not visibly displayed, Microsoft confirmed that the password sign-in feature remains functional. How Sign-In Options Normally Work […]
New Android Malware ‘DroidLock’ Can Hijack Phones in Real TimeHackers exploit newly patched Fortinet auth bypass flaws
📌 What DroidLock Is DroidLock is a newly identified type of Android malware that behaves like ransomware but is even more dangerous because it gives attackers near-total control over infected phones. Rather than encrypting files like traditional ransomware, DroidLock aggressively abuses Android system permissions and overlays to lock the device and extort victims. 🛠️ How […]
Hackers exploit newly patched Fortinet auth bypass flaws
Critical Fortinet Vulnerabilities Actively Exploited CVE-2025-59718 & CVE-2025-59719 Executive Summary Threat actors are actively exploiting two critical-severity authentication bypass vulnerabilities affecting multiple Fortinet products. These flaws allow attackers to gain unauthenticated administrative access via FortiCloud Single Sign-On (SSO) and exfiltrate system configuration files, potentially enabling further compromise of enterprise networks. Fortinet disclosed these vulnerabilities on […]
5 Surprising Truths About Web Security I Learned From a National Standard
We use websites for everything. From checking our bank balance and paying bills to connecting with friends and reading the daily news, these digital platforms are woven into the fabric of our lives. We trust them with our personal data, financial details, and private communications, yet we rarely consider the immense, multi-layered effort required to […]
Thailand’s Website Security Standards 1.0: A Comprehensive Guide
This official publication in the Royal Thai Government Gazette presents the “Standards for Website Security Version 1.0,” issued by the National Cyber Security Agency (NCSA) pursuant to the Cybersecurity Act B.E. 2562 (2019). The standards establish minimum security requirements for all websites connected to the internet, encompassing government agencies, critical information infrastructure entities, and private-sector […]
Google Patches Sixth Chrome Zero-Day Exploited in 2025 Attacks
Google has released an emergency security update to fix a new zero-day vulnerability in its Chrome web browser, marking the sixth actively exploited flaw patched this year. The Vulnerability Security Update Zero-Days in 2025 This latest fix adds to a growing list of Chrome zero-days exploited this year: In 2024, Google patched 10 additional zero-day […]
The Great Firewall Data Leak: A Global Wake-Up Call for Cybersecurity Governance
In a striking development that underscores the fragility of digital sovereignty, over 500 gigabytes of internal data from Geedge Networks—a key contractor behind China’s Great Firewall (GFW)—was recently leaked online. This breach has revealed not only the technical architecture of one of the world’s most sophisticated internet censorship systems, but also the broader geopolitical implications […]
CVE-2025-43300 vulnerability :Understanding Apple’s ImageIO Framework
Introduction Apple’s ecosystem is well-known for its seamless user experience. One of the unsung heroes behind this smooth interaction with digital images is the ImageIO Framework. This framework provides developers with a standardized way to read, write, and process image files across iOS and macOS. While ImageIO makes handling images efficient and reliable, it is […]
