NCSA Webboard
    • ล่าสุด
    • แท็ก
    • ฮิต
      • ติดต่อสำนักงาน
    • ลงทะเบียน
    • เข้าสู่ระบบ

    Cyber Threat Intelligence 17 June 2026

    Cyber Security News
    1
    1
    8
    โหลดโพสเพิ่มเติม
    • เก่าสุดไปยังใหม่สุด
    • ใหม่สุดไปยังเก่าสุด
    • Most Votes
    ตอบ
    • ตอบโดยตั้งกระทู้ใหม่
    เข้าสู่ระบบเพื่อตอบกลับ
    Topic นี้ถูกลบไปแล้ว เฉพาะผู้ใช้งานที่มีสิทธิ์ในการจัดการ Topic เท่านั้นที่จะมีสิทธิ์ในการเข้าชม
    • NCSA_THAICERTN
      NCSA_THAICERT
      แก้ไขล่าสุดโดย

      Industrial Sector

      • Rockwell Automation FLEX I/O EtherNet/IP Adapters
        "Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, account takeover, and cause loss of availability."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-05
      • Rockwell Automation FactoryTalk Analytics PavilionX
        "Successful exploitation of this vulnerability could result in an attacker executing privileged operations."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-01
      • Rockwell Automation RSLinx
        "Successful exploitation of this vulnerability can lead to a denial of service, where the application will become unresponsive and will not recover on its own."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-02
      • Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial Of Service Via CIP
        "Successful exploitation of this vulnerability could cause a denial-of-service condition that may result in a major nonrecoverable fault (MNRF)."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-03
      • Rockwell Automation CompactLogix
        "Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition."
        https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-04
      • Implementing Zero Trust In Operational Technology: A Practical Case Study
        "While zero trust guidance for enterprise information technology (EIT) systems is well established, its direct application to operational technology (OT) environments is problematic due to fundamental differences in system architecture and operational priorities. Zero trust frameworks tailored to the unique requirements of OT systems are just beginning to emerge. The Software Engineering Institute (SEI) is pioneering research into the application of zero trust principles within weapon system environments with embedded OT. In this blog post, we explore a specific case study and examine how findings from our research on weapon systems driven by embedded OT translate to the broader OT landscape."
        https://www.sei.cmu.edu/blog/implementing-zero-trust-in-operational-technology-a-practical-case-study/

      Vulnerabilities

      • Critical Fortinet FortiSandbox Flaws Now Exploited In Attacks
        "Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. Fortinet released security updates for these three critical-severity security flaws (tracked as CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089) on April 14. These flaws allow unauthenticated threat actors to escalate privileges and execute unauthorized code remotely through low-complexity command injection attacks that require no user interaction. To resolve these issues and block incoming attacks, admins must upgrade affected deployments to the latest released versions."
        https://www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/
        https://thehackernews.com/2026/06/attackers-exploit-three-fortinet.html
        https://securityaffairs.com/193709/ai/fortinet-warned-as-three-critical-fortisandbox-bugs-come-under-attack.html
        https://www.theregister.com/security/2026/06/16/three-critical-fortinet-sandbox-bugs-splattered-by-unknown-attackers/5256461
        https://www.helpnetsecurity.com/2026/06/16/fortisandbox-vulnerabilities-cve-2026-39813-cve-2026-39808-cve-2026-25089/
      • CISA Adds One Known Exploited Vulnerability To Catalog
        "CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
        CVE-2026-48907 Widget Factory Joomla Content Editor Improper Access Control Vulnerability"
        https://www.cisa.gov/news-events/alerts/2026/06/16/cisa-adds-one-known-exploited-vulnerability-catalog
      • Emerging Threat: (CVE-2026-49975) Apache HTTP Server Denial Of Service Via HTTP/2 Memory Exhaustion
        "CVE-2026-49975 is a memory exhaustion vulnerability in the mod_http2 module of Apache HTTP Server that allows a remote attacker to cause a denial of service through maliciously crafted HTTP/2 requests. It is classified as CWE-789, Memory Allocation with Excessive Size Value, and was publicly disclosed as part of an attack technique nicknamed the “HTTP/2 Bomb.” The vulnerability carries a CVSS v3.1 base score of 7.5 (High). The Apache Software Foundation rated the issue Moderate in its own advisory, while the National Vulnerability Database scores it High. The scoring vector reflects an availability-only impact: no loss of confidentiality or integrity, but full loss of service."
        https://www.cycognito.com/blog/emerging-threat-cve-2026-49975-apache-http-server-denial-of-service-via-http-2-memory-exhaustion/
        https://www.darkreading.com/vulnerabilities-threats/http-2-bomb-attacks-telcos-healthcare

      Malware

      • Multiple JetBrains IDE Plugins Caught Stealing AI Keys
        "We detected a coordinated malware campaign on the JetBrains Marketplace. At least 15 IDE plugins, published under seven vendor accounts, share the same hidden behavior. Each one exfiltrates the AI provider API key that you stored into its settings, and together they have been installed close to 70,000 times. Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests. They function exactly as advertised. However, the AI provider API key you enter gets exfiltrated to a server controlled by the attacker."
        https://www.aikido.dev/blog/multiple-jetbrains-ide-plugins-caught-stealing-ai-keys
        https://www.bleepingcomputer.com/news/security/malicious-jetbrains-marketplace-plugins-steal-ai-api-keys-from-developers/
      • Rokarolla : Android Banker With Complete Device Takeover Capabilities
        "The zLabs research team has discovered Rokarolla, a newly identified Android banking trojan named after its Command and Control (C2) infrastructure. Primarily distributed through malicious websites such as hxxps[://]infocontablidades[.]it[.]com/, where it masquerades as popular applications like TikTok or Google Chrome, this highly invasive malware is specifically designed to target and compromise 217 distinct cryptocurrency and banking applications."
        https://zimperium.com/blog/rokarolla-android-banker-with-complete-device-takeover-capabilities
        https://github.com/Zimperium/IOC/blob/master/2026-06-Rokarolla/commands.md
        https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/
        https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html
        https://www.darkreading.com/endpoint-security/rokarolla-android-trojan
        https://www.bankinfosecurity.com/rokarolla-android-banking-trojan-enables-device-takeover-a-31996
        https://www.infosecurity-magazine.com/news/rokarolla-android-banking-trojan/
        https://hackread.com/rokarolla-android-trojan-crypto-and-banking-apps/
      • Dozens Of Malicious Wallpapers Found On Steam Workshop: Gamers’ Accounts At Risk
        "Since late 2025, malware has been spreading rapidly through the Steam Workshop, the gaming platform’s built-in service for players to create and share custom content. The attackers are primarily targeting gamers in China and Russia, aiming to hijack their accounts. To pull this off, they are exploiting Wallpaper Engine – a popular live wallpaper app available on Steam – specifically leveraging its Workshop sharing feature. The malware is hidden inside the wallpaper packages users share with one another. Running one of these compromised wallpapers can lead to a stolen Steam account or leave the victim’s system infected with backdoors or crypto miners."
        https://securelist.com/dozens-of-malicious-wallpapers-found-on-steam-workshop/120186/
        https://www.bleepingcomputer.com/news/security/steam-workshop-abused-to-spread-malware-via-wallpaper-engine-app/
      • GhostTree Attack Abused Recursive Windows Junctions To Hide Malware
        "Most security teams think of NTFS junctions and symbolic links as niche file system features. They let one directory point to another, like a shortcut that the OS treats as real. They exist for backward compatibility, storage management, things that rarely come up in a SOC. But they have a property that makes them interesting from an offensive perspective: any user can create them. No admin privileges are required, and no special permissions beyond write access to the target folder. We discovered that by pointing a junction back at its own parent directory, an attacker can create recursive loops that generate effectively infinite file paths. Tools that try to scan the directory recursively, including EDR products, could follow the loop and never finish."
        https://www.bleepingcomputer.com/news/security/ghosttree-attack-abused-recursive-windows-junctions-to-hide-malware/
      • Hidden In Teams: DragonForce Attackers Weaponize Microsoft Teams Relays To Stay Hidden
        "Attackers deploying the DragonForce ransomware against a major U.S. services firm hid their command and-control traffic (C&C) inside Microsoft Teams’ own relay infrastructure, using a custom Go-based backdoor that Symantec is tracking as Backdoor.Turn. To network defenders, the only traffic they could see was outbound connections to legitimate Microsoft Teams servers. The attackers were on the victim network for between one and two months. Backdoor.Turn obtains an anonymous Teams visitor token from Microsoft’s Skype-backed identity services, uses a legitimate Microsoft TURN relay to set up the connection, and then runs a QUIC session to the attacker’s real command-and-control (C2) server. To our knowledge this is the first time TURN relay infrastructure has been abused this way in the wild. It is relatively unusual to see ransomware attackers using their own custom tools, and it is particularly unusual to see them using a custom tool as sophisticated as Backdoor.Turn."
        https://www.security.com/threat-intelligence/dragonforce-msteams-backdoor
        https://www.bleepingcomputer.com/news/security/ransomware-gang-abuses-microsoft-teams-relays-to-hide-malicious-traffic/
        https://www.infosecurity-magazine.com/news/dragonforce-ransomware-hidden/
        https://www.theregister.com/cyber-crime/2026/06/16/crooks-found-a-new-way-to-collaborate-using-teams-by-hiding-command-and-control-traffic/5256296
        https://www.helpnetsecurity.com/2026/06/16/dragonforce-microsoft-teams-malware-backdoor-turn/
      • FishMonger’s Arsenal Upgraded: SprySOCKS For Windows
        "ESET researchers have discovered two as-yet undocumented Windows variants of SprySOCKS, a previously Linux-only backdoor reportedly used by FishMonger, the group believed to be operated by a Chinese contractor named I‑SOON. While we initially discovered the malware samples on VirusTotal, ESET telemetry shows real activity between 2023 and 2024, with several victims in Honduras, Taiwan, Thailand, and Pakistan, targeting mostly government organizations."
        https://www.welivesecurity.com/en/eset-research/fishmongers-arsenal-upgraded-sprysocks-windows/
        https://www.bleepingcomputer.com/news/security/windows-version-of-sprysocks-linux-malware-used-to-attack-govt-orgs/
        https://www.darkreading.com/threat-intelligence/sprysocks-windows-variant-kernel-drivers
        https://thehackernews.com/2026/06/china-linked-sprysocks-backdoor-expands.html
        https://www.infosecurity-magazine.com/news/sprysocks-backdoor-windows/
      • Phishing Campaign Targets Banks With Fileless Phantom Stealer Malware
        "Fortra Intelligence and Research Experts (FIRE) have identified an active phishing campaign targeting high-capital organizations, particularly those operating within the banking sector. The campaign uses evasive techniques to distribute Phantom Stealer, a commercially available Malware-as-a-Service (MaaS) infostealer used to steal credentials, financial data, and sensitive information. The tool is sold under a subscription model by a threat actor operating under the alias Oldphantomoftheopera, affiliated with the Phantom Softwares group. The attack begins with phishing emails containing malicious attachments disguised as business documents. Once executed, the malware runs entirely in memory, helping it evade traditional defenses."
        https://www.fortra.com/blog/phishing-campaign-targets-banks-fileless-phantom-stealer-malware
        https://www.darkreading.com/cyberattacks-data-breaches/fileless-phantom-stealer-targets-browser-credentials
        Lorem Ipsum Revisited
        "BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) researchers have been tracking an active * ClickFix campaign that manipulates users into believing their web browser requires a security update. If the user complies, the ClickFix lure initiates a multi-stage infection chain that ultimately deploys the Lorem Ipsum Loader, a malware family BlueVoyant first documented in May 2026. The current campaign represents a notable evolution from the previous Lorem Ipsum operation, which distributed trojanized Microsoft Teams installers through SEO-poisoned and malvertised fake download portals. The pivot to ClickFix lures hosted on compromised WordPress (WP) sites significantly broadens the potential victim pool and demonstrates the operators' willingness to rapidly adapt their initial access techniques."
        https://www.bluevoyant.com/blog/orem-ipsum-clickfix-rapid-brigantine
        https://www.darkreading.com/cyberattacks-data-breaches/lorem-ipsum-malware-clickfix-delivery
        https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html
      • Inside Amos Stealer: How This Threat Targets MacOS Credentials And Keychains
        "Amos Stealer remains a prominent and highly active malware family specifically engineered to target macOS users and extract sensitive information from compromised systems. Typically distributed via deceptive software downloads, malicious websites, or sophisticated social engineering lures, this info-stealer is designed to harvest user credentials, browser data, cryptocurrency wallet configurations, and other proprietary files. The sustained activity of Amos Stealer underscores a broader cyber threat trend: threat actors are increasingly shifting their focus toward macOS environments to execute financially motivated campaigns."
        https://www.cyberproof.com/blog/inside-amos-stealer-how-this-threat-targets-macos-credentials-and-keychains/
        https://hackread.com/amos-stealer-macos-keychain-files-browser-passwords/
      • Pickle In The Middle – Hijacking Vertex AI Model Uploads For Cross-Tenant RCE
        "We discovered a vulnerability in the Google Cloud Vertex AI software development kit (SDK) for Python, and responsibly disclosed it to Google. Before Google’s fix, the vulnerability would have allowed an attacker operating entirely from their own Google Cloud project to hijack a victim's model upload and poison it. By exploiting this flaw in vulnerable versions of the SDK, an attacker can achieve remote code execution (RCE) within a target’s Vertex AI serving infrastructure, with zero initial access to the victim's project. The root enabler of this attack is a predictable default bucket name, combined with a missing ownership check in the SDK's staging logic. When a Vertex AI user uploads a model without specifying a custom staging bucket, the SDK constructs a bucket name using a deterministic pattern based on the project ID and region."
        https://unit42.paloaltonetworks.com/hijacking-vertex-ai-model/
        https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html
      • Analysis Of APT37 NarwhalRAT Leveraging MS-Themed Phishing And Dead-Drop C2
        "Genians Security Center recently confirmed the continued distribution of compiled Python-based malware. This threat shows strong similarities to the attack scenario and TTPs identified in the report "Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign", published on May 11, 2026. This attack was carried out through a spear phishing email titled "[Urgent] Security Check Notice Regarding Repeated One-Time Password (OTP) Generation". The sender was displayed as "Microsoft Account Team", making the email appear as though it had been sent by an official account security team. However, the actual sender domain was confirmed to be unrelated to Microsoft’s official domains."
        https://www.genians.co.kr/en/blog/threat_intelligence/narwhalrat
        https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html
      • EvilTokens: A Phishing Attack That Doesn’t Steal Your Password
        "Much has been written about how the days of phishing emails laden with broken grammar and crude design are numbered, largely thanks to AI. Meanwhile, EvilTokens offers a somewhat different example of how far the phishing craft has moved. EvilTokens is a phishing-as-a-service (PhaaS) kit built to compromise Microsoft 365 accounts by abusing the OAuth 2.0 device authorization grant flow. As attacks that use the kit rely on device code phishing, they sidestep the need for convincing replicas of genuine login pages where the victims would hand over their passwords. Instead, attackers get the victim to complete a legitimate authentication process – including two-factor authentication (2FA) – on a real Microsoft login page."
        https://www.welivesecurity.com/en/cybercrime/eviltokens-phishing-doesnt-steal-password/

      Breaches/Hacks/Leaks

      • iRhythm Discloses Data Breach, Says Hackers Stole Patient Info
        "Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications. The company says its cardiac monitoring service has been used to analyze more than 2 billion hours of curated heartbeat data from over 12 million patients. In a filing with the U.S. Securities and Exchange Commission (SEC) on Monday, iRhythm said it discovered the incident one day earlier, prompting it to launch an investigation with external cybersecurity experts and activate its cybersecurity response plan to contain the breach."
        https://www.bleepingcomputer.com/news/security/irhythm-discloses-data-breach-says-hackers-stole-patient-info/
        https://www.malwarebytes.com/blog/news/2026/06/cardiac-patients-medical-data-stolen-and-held-to-ransom
        https://securityaffairs.com/193721/data-breach/irhythm-hit-by-cyberattack-patient-data-stolen-and-ransom-demanded.html
        https://www.securityweek.com/irhythm-confirms-data-stolen-in-hack/
        https://www.theregister.com/cyber-crime/2026/06/16/cardiac-monitor-makers-security-skips-a-beat-as-data-thieves-go-for-the-jugular/5256038
      • Scoop: FulcrumSec Leaks Novo Nordisk Data After $25M Demand Goes Unpaid (2)
        "Danish pharma giant Novo Nordisk disclosed a cybersecurity incident last week, and although the firm’s name may not be familiar to everyone, they are a major producer of insulin and semaglutide. Semaglutide is marketed as Wegovy for weight loss and Ozempic for Type 2 diabetes. In its June 11 update, the firm stated that the incident affected a limited amount of information related to patients participating in some of its clinical trials. As they described it, the information was pseudoanonymized, i.e., the information was not directly linked to any patients by name or other direct identifiers:"
        https://databreaches.net/2026/06/15/scoop-fulcrumsec-leaks-novo-nordisk-data-after-25m-demand-goes-unpaid/
        https://www.securityweek.com/cybercrime-group-claims-novo-nordisk-hack/

      General News

      • May 2026 Threat Trend Report On APT Group
        "The May 2026 APT Trends report identified supply chain attacks, developer environment attacks, automated Initial Breach, and exploitation of runtime environments as key developments. Lazarus, Famous Chollima, Gamaredon, MuddyWater, and Nimbus Manticore are of particular concern."
        https://asec.ahnlab.com/en/94145/
      • FTC Data Show People Reported Losing $3.5 Billion To Imposter Scams In 2025
        "New data from the Federal Trade Commission reveal that people reported losing a staggering $3.5 billion to imposter scams in 2025, with reported losses increasing nearly three times since 2020. FTC data also show that people reported imposter scams more than any other fraud category in 2025—nearly one in three fraud reports were about imposter scams. These scams lured consumers through text, phone, email, social media, search engine results and other means. Some of the costliest impersonation scams start with a fake security alert, often from a bank. People are convinced to move money to “protect” it, with their losses often limited only by their available funds."
        https://www.ftc.gov/news-events/news/press-releases/2026/06/ftc-data-show-people-reported-losing-3-point-5-billion-imposter-scams-2025
        https://www.bleepingcomputer.com/news/security/ftc-warns-of-record-35-billion-losses-to-imposter-scams-in-2025/
      • Phishing No Longer Looks Wrong: What Security Leaders Should Do Next
        "Traditional defenses were built around prevention. Block malicious email before delivery. Train users to recognize suspicious messages. Investigate what slips through. That model still has value, but it is under pressure from a new class of attacks that are:"
        https://cofense.com/blog/phishing-no-longer-looks-wrong-what-security-leaders-should-do-next
      • Most CISOs Report Pressure To Bury Bad Security News
        "CISOs contend with increasingly advanced attacks, evolving compliance and regulation standards, and constant worry about what will happen to the company and themselves if a breach occurs. Stress, blame, and panic have become synonymous with the role. Now comes another burden. According to a recent Checkmarx report, "The Future of Application Security in the Era of AI," 95% of CISOs "feel pressured to suppress or delay compliance-related security findings.""
        https://www.darkreading.com/cyber-risk/most-cisos-report-pressure-to-bury-bad-security-news
      • Reachability Makes AI Threat Modeling Worth The Trust
        "In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks the path to impact on a working build. He shows how a chain of small design choices led to account takeover in a popular open-source project, then covers how to test a vendor’s claims, handle attacks aimed at the AI itself, and why reviewing every code change beats one yearly audit."
        https://www.helpnetsecurity.com/2026/06/16/oscar-andersson-oplane-ai-threat-modeling/
      • EU Cybersecurity Act 2.0: When Good Regulation Goes Bad
        "Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good policy are not the same thing, and the proposed EU Cybersecurity Act 2.0 is starting to look a lot more like the former than the latter."
        https://www.helpnetsecurity.com/2026/06/16/eu-cybersecurity-act-2-0-regulation/
      • Over Two-Thirds Of Security Pros Say Cyber Is Getting Harder
        "Cybersecurity professionals say their job is harder than ever, with 68% reporting it has become more difficult over the past two years, according to a new report. The study, The Life and Times of Cybersecurity Professionals, Volume VIII, from industry body ISSA and analyst Omdia, surveyed 380 practitioners. It found that over 70% of respondents are facing workplace challenges linked to being locked out of key technology decisions."
        https://www.infosecurity-magazine.com/news/security-pros-cyber-cyber-harder/
        https://issa.org/life-and-times-of-cybersecurity-professionals-volume-viii/
      • Hacker Conversations: Isira Adithya, The Evolution Of An Ethical Hacker
        "Like many hackers, Sri Lankan-born Isira Adithya was a child prodigy, building LED bulbs and selling them to his teachers when he was just 11 years old. But he has never used his skills for nefarious purposes. “Hackers,” says Adithya, “are people who refuse to take technology at face value. They probe, test, and dismantle to understand what’s inside and how it behaves. This can be used for security research, building better systems, or, in the wrong hands, for malicious gain.”"
        https://www.securityweek.com/hacker-conversations-isira-adithya-the-evolution-of-an-ethical-hacker/
      • AI And Cybersecurity – Everything You Wanted To Know, But Were Afraid To Ask
        "To better understand the current state of artificial intelligence (AI) in cybersecurity, SecurityWeek spoke with dozens of security practitioners, researchers, vendors, analysts, and AI experts. The result is a comprehensive snapshot of how AI is being used across the security landscape today."
        https://www.securityweek.com/ai-and-cybersecurity-everything-you-wanted-to-know-but-were-afraid-to-ask/
      • Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead Of Disclosure
        "Over two dozen fintech and technology organizations have formed a coalition to secure open source software (OSS) from accelerated, AI-driven exploitation. Named Athena, it has gathered industry leaders such as BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst, Docker, JPMorganChase, Kyndryl, LTM, PwC, and more, under a shared goal: to find vulnerabilities in OSS and to triage, fix, and protect against their exploitation even before patches arrive.
        https://www.securityweek.com/tech-coalition-athena-targets-oss-vulnerabilities-ahead-of-disclosure/
      • Survey: 94% Of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
        "Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms. Yet despite this abundance of information, many organizations continue to face a fundamental challenge: sifting through the noise to understand who is behind an IP and what action should follow."
        https://thehackernews.com/2026/06/survey-94-of-incidents-involve.html

      อ้างอิง
      Electronic Transactions Development Agency (ETDA) c09890c1-9e1b-4cb6-b920-9b96f36529a0-image.png

      1 การตอบกลับ คำตอบล่าสุด ตอบ คำอ้างอิง 0
      • First post
        Last post