NCSA Webboard
    • ล่าสุด
    • แท็ก
    • ฮิต
      • ติดต่อสำนักงาน
    • ลงทะเบียน
    • เข้าสู่ระบบ

    Cyber Threat Intelligence 23 April 2026

    Cyber Security News
    1
    1
    6
    โหลดโพสเพิ่มเติม
    • เก่าสุดไปยังใหม่สุด
    • ใหม่สุดไปยังเก่าสุด
    • Most Votes
    ตอบ
    • ตอบโดยตั้งกระทู้ใหม่
    เข้าสู่ระบบเพื่อตอบกลับ
    Topic นี้ถูกลบไปแล้ว เฉพาะผู้ใช้งานที่มีสิทธิ์ในการจัดการ Topic เท่านั้นที่จะมีสิทธิ์ในการเข้าชม
    • NCSA_THAICERTN
      NCSA_THAICERT
      แก้ไขล่าสุดโดย

      Financial Sector

      • Shadow AI, Deepfakes, And Supply Chain Compromise Are Rewriting The Financial Sector Threat Playbook
        "Financially motivated attacks continued to drive the bulk of cyber incidents against banks, insurers, and payment processors in 2025. Approximately 90% of breaches affecting financial institutions carried a financial motive, with data breaches accounting for roughly 64% of incidents and ransomware making up the remaining 36%. The average cost of a data breach in the sector reached $5.56 million per incident, placing finance second among all industries by breach cost. Personal data was the most frequently compromised category, appearing in 54% of cases. Internal organizational data accounted for 35% of compromised data, and credentials for 22%. Attackers used that access to enable downstream fraud, credential resale, and persistent network presence."
        https://www.helpnetsecurity.com/2026/04/22/financial-sector-cyber-threats-report/

      Industrial Sector

      • Silex Technology SD-330AC And AMC Manager
        "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-10
      • SenseLive X3050
        "Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the device."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12
      • Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
        "RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) and recommends to update to the latest version."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-02
      • Siemens SCALANCE
        "SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-07
      • Siemens SINEC NMS
        "SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account. Siemens has released a new version for SINEC NMS and recommends to update to the latest version."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-09
      • Siemens TPM 2.0
        "The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-01
      • Siemens SINEC NMS
        "Siemens SINEC NMS when used with User Management Component (UMC) contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application. Siemens has released a new version for SINEC NMS and recommends to update to the latest version."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-03
      • Siemens Analytics Toolkit
        "Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-04
      • Hardy Barth Salia EV Charge Controller
        "Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-05
      • Zero Motorcycles Firmware
        "Successful exploitation of this vulnerability could allow an attacker to pair via Bluetooth with a motorcycle, gaining unauthorized access to all Bluetooth functions, including changing the firmware."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-06
      • Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)
        "RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the latest version."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-08
      • Siemens Industrial Edge Management
        "Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent authentication and to access connected Industrial Edge Devices through the remote connection feature. Siemens has released new versions for the affected products and recommends to update to the latest versions."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-11

      New Tooling

      • PentAGI: Open-Source Autonomous AI Penetration Testing System
        "Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an open-source project from VXControl, attempts to automate that entire workflow using a multi-agent AI system that plans, researches, and executes penetration tests with minimal human direction. PentAGI organizes work into a hierarchy of flows, tasks, subtasks, and actions. An orchestrator agent receives a goal and coordinates three specialist agents: a researcher that gathers information and queries known vulnerability sources, a developer that plans attack strategies, and an executor that runs commands in isolated containers."
        https://www.helpnetsecurity.com/2026/04/22/pentagi-autonomous-ai-penetration-testing/
        https://github.com/vxcontrol/pentagi

      Vulnerabilities

      • Microsoft Releases Emergency Patches For Critical ASP.NET Flaw
        "Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. The security flaw (tracked as CVE-2026-40372) was found in the ASP.NET Core Data Protection cryptographic APIs, and it could allow unauthenticated attackers to gain SYSTEM privileges on affected devices by forging authentication cookies. Microsoft discovered the flaw following user reports that decryption was failing in their applications after installing the .NET 10.0.6 update release during this month's Patch Tuesday."
        https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-security-updates-for-critical-aspnet-flaw/
        https://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.html
        https://securityaffairs.com/191130/security/microsoft-out-of-band-updates-fixed-critical-asp-net-core-privilege-escalation-flaw.html
      • Oracle Patches 450 Vulnerabilities With April 2026 CPU
        "Oracle on Tuesday announced the release of 481 new security patches as part of its April 2026 Critical Patch Update (CPU). Across the 28 product families that received security updates, more than 300 patches address vulnerabilities that are remotely exploitable without authentication. Roughly three dozen fixes resolve critical-severity security defects. There appear to be approximately 450 unique CVEs listed on the latest Oracle CPU page. Approximately 240 are included in the risk matrix tables, but additional CVEs have been fixed as well, along with third-party issues not exploitable in Oracle’s products."
        https://www.securityweek.com/oracle-patches-450-vulnerabilities-with-april-2026-cpu/
      • Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
        "A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. "Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal," according to a description of the flaw in CVE.org. Developed by Cohere AI as an open-source project, Terrarium is a Python sandbox that's used as a Docker-deployed container for running untrusted code written by users or generated with assistance from a large language model (LLM)."
        https://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.html
      • CISA Adds One Known Exploited Vulnerability To Catalog
        "CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
        CVE-2026-33825 Microsoft Defender Insufficient Granularity of Access Control Vulnerability"
        https://www.cisa.gov/news-events/alerts/2026/04/22/cisa-adds-one-known-exploited-vulnerability-catalog
      • Apple Fixes iOS Bug That Retained Deleted Notification Data
        "Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device. The bug, tracked as CVE-2026-28950, was fixed on April 22, 2026, in iOS 26.4.2 and iPadOS 26.4.2 and in iOS 18.7.8 and iPadOS 18.7.8. "Notifications marked for deletion could be unexpectedly retained on the device," reads the Apple security bulletin."
        https://www.bleepingcomputer.com/news/security/apple-fixes-ios-bug-that-retained-deleted-notification-data/
        https://support.apple.com/en-us/127002
        https://www.helpnetsecurity.com/2026/04/22/apple-intelligence-token-vulnerability-serpent-attack/
      • Over 1,300 Microsoft SharePoint Servers Vulnerable To Spoofing Attacks
        "Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. The security flaw, tracked as CVE-2026-32201, affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition (the latest on-premises version, which uses a "continuous update" model). As Microsoft explained when it patched this security issue as part of the April 2026 Patch Tuesday, successful exploitation allows threat actors without privileges to perform network spoofing by taking advantage of an improper input validation weakness in low-complexity attacks that don't require user interaction."
        https://www.bleepingcomputer.com/news/security/over-1-300-microsoft-sharepoint-servers-vulnerable-to-ongoing-attacks/
      • The Zero-Days Are Numbered
        "Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6, which led to fixes for 22 security-sensitive bugs in Firefox 148. As part of our continued collaboration with Anthropic, we had the opportunity to apply an early version of Claude Mythos Preview to Firefox. This week’s release of Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation. As these capabilities reach the hands of more defenders, many other teams are now experiencing the same vertigo we did when the findings first came into focus. For a hardened target, just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up."
        https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/
        https://www.securityweek.com/claude-mythos-finds-271-firefox-vulnerabilities/
        https://www.theregister.com/2026/04/22/mozilla_firefox_mythos_future_defenders/

      Malware

      • CVE-2025-29635: Mirai Campaign Targets D-Link Devices
        "The Akamai SIRT discovered active exploitation attempts of the D-Link command injection vulnerability CVE-2025-29635 in our global network of honeypots in early March 2026. This vulnerability exists in D-Link DIR-823X series routers in firmware versions 240126 and 24082, and allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to the /goform/set_prohibiting endpoint via the corresponding function, which can trigger remote command execution."
        https://www.akamai.com/blog/security-research/cve-2025-29635-mirai-campaign-targets-d-link-devices
        https://www.bleepingcomputer.com/news/security/new-mirai-campaign-exploits-rce-flaw-in-eol-d-link-routers/
        https://www.securityweek.com/mirai-botnet-targets-flaw-in-discontinued-d-link-routers/
        https://securityaffairs.com/191135/malware/mirai-botnet-exploits-cve-2025-29635-to-target-legacy-d-link-routers.html
        https://www.helpnetsecurity.com/2026/04/22/new-mirai-variants-target-routers-and-dvrs-via-old-flaws/
      • Kyber Ransomware Double Trouble: Windows And ESXi Attacks Explained
        "For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization infrastructure (VMware ESXi) and core Windows file systems. This cross-platform approach, coupled with effective anti-recovery measures, drastically elevates the risk of a total operational disruption. Organizations should treat Kyber not merely as another ransomware strain, but as a specialized tool capable of causing a complete operational blackout. Recent real-world incidents have demonstrated that this approach can result in large-scale operational impact across enterprise environments."
        https://www.rapid7.com/blog/post/tr-kyber-ransomware-double-trouble-windows-esxi-attacks-explained/
        https://www.bleepingcomputer.com/news/security/kyber-ransomware-gang-toys-with-post-quantum-encryption-on-windows/
      • Namastex.ai Npm Packages Hit With TeamPCP-Style CanisterWorm Malware
        "Last month, we responded to CanisterWorm, a worm-enabled npm supply chain campaign that compromised legitimate publisher space, replaced package contents with install-time malware, used stolen publishing access to republish malicious versions, and relied on an Internet Computer Protocol (ICP) canister as a dead-drop command and control (C2) channel. This campaign was attributed to a set of TeamPCP supply chain attacks. In this newly discovered npm incident, the malware uses the same core adversarial methods: install-time execution, credential theft from developer environments, off-host exfiltration, canister-backed infrastructure, and self-propagation logic intended to compromise additional packages. The overlap is notable enough on its own, and malicious packages included an explicit code reference to a TeamPCP/LiteLLM method inside the malicious payload."
        https://socket.dev/blog/namastex-npm-packages-compromised-canisterworm
        https://www.stepsecurity.io/blog/pgserve-compromised-on-npm-malicious-versions-harvest-credentials
        https://thehackernews.com/2026/04/self-propagating-supply-chain-worm.html
        https://www.bleepingcomputer.com/news/security/new-npm-supply-chain-attack-self-spreads-to-steal-auth-tokens/
        https://www.theregister.com/2026/04/22/another_npm_supply_chain_attack/
      • Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor
        "The Harvester APT group has developed a new, highly-evasive, Linux version of its GoGra backdoor. The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel, allowing it to bypass traditional perimeter network defenses. The Symantec and Carbon Black Threat Hunter Team linked this new Linux malware to a previously known Windows espionage campaign by Harvester due to similarities in code, demonstrating that the threat actor is actively expanding its cross-platform capabilities."
        https://www.security.com/blog-post/harvester-new-linux-backdoor-gogra
        https://www.bleepingcomputer.com/news/security/new-gogra-malware-for-linux-uses-microsoft-graph-api-for-comms/
        https://thehackernews.com/2026/04/harvester-deploys-linux-gogra-backdoor.html
      • Weaponizing Apathy: How Threat Actors Exploit Vulnerabilities And Legitimate Software
        "In today’s world, there is an increasingly high focus on malware trends rather than repurposed legitimate tools. Repurposed or legitimate software is often overlooked, even though these have the capability to compromise devices, deliver and execute malicious payloads, and steal information from users. Legitimate websites being abused is very common and often mentioned in media. Yet, the actual programs and software are less often looked at due to the false assumption that there is little that can be done to avoid these. An example of a legitimate program that threat actors have repeatedly repurposed or abused is Microsoft products."
        https://cofense.com/blog/weaponizing-apathy-how-threat-actors-exploit-vulnerabilities-and-legitimate-software
      • Anatomy Of a Fraud Operation: Mule Account Creation On B2B Fintech Platforms In France
        "Fintech platforms such as Revolut, Wise and N26 offer fast, fully remote account opening, streamlined KYC, and business-grade payment infrastructure — SEPA transfers, invoicing, payment processing, and in some cases cryptocurrency integration. These platforms built for freelancers and individual entrepreneurs have become a significant target for organised fraud networks across Europe. For a legitimate freelancer or micro-business owner, this combination of services are exactly what they need. For a fraud operator, it is exactly what they are looking for."
        https://www.group-ib.com/blog/french-fintech-mule-accounts/
      • Silent Lures: The Rise Of Empty Subject Email Attacks
        "Silent Subject Campaigns, also known as Null Subject/Empty Subject campaigns are a lure phishing campaign or scam tactic where emails are sent without a subject line or with an extremely vague subject line. This is designed to encourage users to open the email out of curiosity, confusion, or a false sense of urgency. The primary objective of a Silent Subject Campaign is to gain initial access through social engineering, leading to credential compromise, unauthorized access, and potential lateral movement within targeted environments, especially focusing on high-value or VIP users. Cyberproof Threat Hunting and Managed Detection & Response Teams detected a widespread Null Subject phishing campaign targeting VIP users across multiple organizations from multiple sender domains."
        https://www.cyberproof.com/blog/silent-lures-the-rise-of-empty-subject-email-attacks/
        https://www.infosecurity-magazine.com/news/silent-subject-phishing-campaigns/
      • Malicious Trading Website Drops Malware That Hands Your Browser To Attackers
        "During our threat hunting, we found a campaign using the same malware loader from our previous research to deliver a different threat: Needle Stealer, data-stealing malware designed to quietly harvest sensitive information from infected devices, including browser data, login sessions, and cryptocurrency wallets. In this case, attackers used a website promoting a tool called TradingClaw (tradingclaw[.]pro), which claims to be an AI-powered assistant for TradingView."
        https://www.malwarebytes.com/blog/threat-intel/2026/04/malicious-trading-website-drop-malware-that-hands-over-your-browser-to-attackers
      • Anthropic Secretly Installs Spyware When You Install Claude Desktop
        "I was working on a personal project, debugging a Native Messaging helper I had written for it. In the process I needed to check what Brave Browser had registered on my laptop. What I found was a file I had never put there. It was not mine. I had not installed it. I had not authorised it. I had not even been told about it. It was from Anthropic."
        https://www.thatprivacyguy.com/blog/anthropic-spyware/
        https://www.malwarebytes.com/blog/news/2026/04/researcher-claims-claude-desktop-installs-spyware-on-macos
      • Tropic Trooper Pivots To AdaptixC2 And Custom Beacon Listener
        "On March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample uncovered a campaign leveraging a multi-stage attack chain where a trojanized SumatraPDF reader deploys an AdaptixC2 Beacon agent, ultimately leading to the download and abuse of Visual Studio (VS) Code tunnels for remote access. During our analysis, we observed that the threat actor likely targeted Chinese-speaking individuals in Taiwan, and individuals in South Korea and Japan. Based on the tactics, techniques, and procedures (TTPs) observed in this attack, ThreatLabz attributes this activity to Tropic Trooper (also known as Earth Centaur and Pirate Panda) with high confidence. In this blog post, ThreatLabz covers the Tropic Trooper campaign and the tools that were deployed to conduct intelligence gathering."
        https://www.zscaler.com/blogs/security-research/tropic-trooper-pivots-adaptixc2-and-custom-beacon-listener
      • After Bluesky, Mastodon Targeted In DDoS Attack
        "Following a similar assault on Bluesky just days prior, the decentralized social media platform Mastodon has also been targeted in a major distributed denial-of-service (DDoS) attack. The attack targeted Mastodon.social, the flagship Mastodon server, and caused what the organization classified as a ‘major outage’. According to the Mastodon status page, the DDoS attack started on April 20 at around 1 PM, and by 4 PM mitigations were rolled out and the site became accessible."
        https://www.securityweek.com/after-bluesky-mastodon-targeted-in-ddos-attack/
        https://securityaffairs.com/191144/cyber-crime/ddos-wave-continues-as-mastodon-hit-after-bluesky-incident.html
      • North Korean Hackers Use AppleScript, ClickFix In Fresh MacOS Attacks
        "North Korean hackers have been using various social engineering and evasion techniques in recently observed attacks targeting macOS users within financial organizations. A campaign uncovered by Any.Run has relied on the infamous ClickFix technique to trick macOS users into installing information-stealing malware. The hackers have been mounting the attacks over Telegram, targeting business leaders, often using the compromised accounts of people known to the victim, with fake meeting invitations. The victims have been directed to websites mimicking Zoom, Microsoft Teams, or Google Meet, and prompted to “fix” a fake connection issue by copying and executing a command in the Terminal."
        https://www.securityweek.com/north-korean-hackers-use-applescript-clickfix-in-fresh-macos-attacks/
      • Malicious Checkmarx Artifacts Found In Official KICS Docker Repository And Code Extensions
        "Docker alerted Socket to malicious images pushed to the official checkmarx/kics Docker Hub repository after internal monitoring flagged suspicious new activity around KICS image tags. Our investigation found that attackers appear to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to a legitimate upstream release. Analysis of the poisoned image indicates that the bundled KICS binary was modified to include data collection and exfiltration capabilities not present in the legitimate version. Our investigation found evidence that the malware could generate an uncensored scan report, encrypt it, and send it to an external endpoint, creating a serious risk for teams using KICS to scan infrastructure-as-code files that may contain credentials or other sensitive configuration data."
        https://socket.dev/blog/checkmarx-supply-chain-compromise
        https://thehackernews.com/2026/04/malicious-kics-docker-images-and-vs.html
      • Inside Lazarus: How North Korea Uses AI To Industrialize Attacks On Developers
        "Expel is actively tracking an APT group that we assess with high confidence to be North Korean (DPRK) state-sponsored. We suspect that the threat actor is a subgroup or spin-off of a larger organization, potentially starting out as fraudulent IT workers before pivoting to malware. The group is extremely active in targeting Web3 developers and is primarily focused on stealing high-value digital assets such as cryptocurrency and NFTs. As much as $12M worth of cryptocurrency wallets were exfiltrated by the threat actor in 3 months, though hardware security tokens may limit damage."
        https://expel.com/blog/inside-lazarus-how-north-korea-uses-ai-to-industrialize-attacks-on-developers/
        https://therecord.media/north-korean-hackers-siphon-12-million-from-crypto-users
      • TeamPCP Strikes Again: Xinference PyPI Package Compromised
        "The JFrog security research team recently identified a supply chain attack targeting the xinference package on PyPI. Versions 2.6.0, 2.6.1, and 2.6.2 were compromised and yanked by maintainers after users reported suspicious behavior. If you installed or imported these versions, you must assume your environment is compromised. This is the latest hit in an ongoing multi-ecosystem campaign by the threat actor tracked as TeamPCP, who have recently compromised PyPI packages including litellm and telnyx, as well as npm, Go, OpenVSX, and GitHub repositories. The same actor marker, payload structure, and targeting profile tie this incident directly to that campaign."
        https://research.jfrog.com/post/xinference-compromise/

      Breaches/Hacks/Leaks

      • Discord-Linked Group Accessed Anthropic’s Claude Mythos AI In Vendor Breach
        "Two weeks after Anthropic announced Claude Mythos Preview (aka Claude Mythos and Mythos AI) as part of its Project Glasswing initiative, the company is investigating unauthorized access to the model through a third-party vendor environment. Reportedly, a handful of users on a Discord channel gained access to Mythos. Their focus was on gathering intelligence about unreleased AI models and appears to have used a combination of tactics to access the system. Bloomberg News reported on April 21, 2026, that the group made an “educated guess” about the model’s online location based on familiarity with Anthropic’s URL formatting conventions for other models."
        https://hackread.com/discord-access-anthropic-claude-mythos-ai-breach/
        https://www.engadget.com/ai/anthropic-is-investigating-unauthorized-access-of-its-mythos-cybersecurity-tool-091017168.html
        https://www.theregister.com/2026/04/22/anthropic_mythos_hype_nothingburger/

      อ้างอิง
      Electronic Transactions Development Agency (ETDA) 363d901c-a1a9-4e76-b7bc-6e198bd30ae3-image.png

      1 การตอบกลับ คำตอบล่าสุด ตอบ คำอ้างอิง 0
      • First post
        Last post