Cyber Threat Intelligence 19 June 2026
Healthcare Sector
- Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
"Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device."
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-169-01
Industrial Sector
- AVer PTC Cameras
"Successful exploitation of this vulnerability could allow arbitrary code execution."
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-01
- AzeoTech DAQFactory
"Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution."
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-02
- Rockwell Automation FactoryTalk Historian Site Edition
"Successful exploitation of these vulnerabilities could allow an attacker to obtain a valid authentication token, perform a denial of service, or crash the system."
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-03
- Schneider Electric EasyLogic T150 And Saitel DP
"Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive files"
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-04
- Mitsubishi Electric MELSEC iQ-F Series
"Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition in the affected product by rapidly establishing a large number of TCP connections to it, resulting in an inconsistency in the product's internal connection management process and triggering improper memory access."
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-05
- Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module
"Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition in the affected product by continuously sending a large number of communication packets to the Ethernet port of the product in a short period of time, increasing the processing load of the product, preventing the internal anomaly-detection processing from being performed, and causing the communication function to stop."
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-06
- Schneider Electric Easergy, EcoStruxure, PowerLogic, And Saitel Products
"Schneider Electric is aware of vulnerabilities in its PowerChute Serial Shutdown product. The PowerChute Serial Shutdown product is a UPS management software enabling graceful system shutdown and energy management capabilities for desktop, servers and workstations. Failure to apply the remediation provided below may risk improper input validation which could result in disruption of operations and access to system data."
https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-07
- CISA Urges OT Resilience In Dark Remarks About Cyberattacks
"Critical U.S. infrastructure like water, power and even banking systems will be successfully hacked by enemy cyber warriors in the event of a military confrontation with a peer adversary like Russia or China, officials from the nation's civilian cyber defense agency said. That means utilities must learn to operate at some level, for some time without reliable internet connectivity or the technology it enables, they said."
https://www.bankinfosecurity.com/cisa-urges-ot-resilience-in-dark-remarks-about-cyberattacks-a-32014
- A Brief Overview Of The Main Incidents In Industrial Cybersecurity. Q1 2026
"In Q1 2026, 131 incidents were publicly confirmed by victims. All of these incidents are included in the table at the end of the overview, with select incidents described in detail. Several significant incidents were unveiled this quarter from the perspective of the threat landscape. Reports of attacks on Poland’s critical infrastructure – including traditional and renewable energy, in an attempt to gain access to automated control systems, as well as loud statements about attacks on nuclear power facilities, allegedly “avoided” any potential negative consequences for the facility’s operation, clearly indicate that the Overton window is shifting in a dangerous direction for society."
https://ics-cert.kaspersky.com/publications/reports/2026/06/18/a-brief-overview-of-the-main-incidents-in-industrial-cybersecurity-q1-2026/
Vulnerabilities
- PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed Via Official Channels
"The Wordfence Threat Intelligence Team was notified on June 11th, 2026 of a potential supply chain compromise affecting ShapedPlugin, a WordPress plugin vendor with over 400,000 active free plugin installations. Fortunately, Wordfence customers have already had malware signature detection for the particular backdoor used in this attack. During our investigation, we discovered that attackers compromised the vendor’s build and distribution pipeline, injecting backdoor code into Pro plugin releases distributed through official licensed update channels. As with all supply chain compromises, this attack is particularly insidious because affected site owners followed security best practices: they purchased legitimate licenses and installed updates directly from the vendor’s official update system. Supply chain compromises are becoming significantly more common in all software, including WordPress software."
https://www.wordfence.com/blog/2026/06/psa-supply-chain-compromise-targets-shapedplugin-backdoored-pro-plugins-distributed-via-official-channels/
https://www.bleepingcomputer.com/news/security/shapedplugin-update-flow-hacked-to-infect-wordpress-sites/
- F5 Issues Out-Of-Band Patches For Critical NGINX Vulnerabilities
"Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems. The two critical vulnerabilities were found in the ngx_http_v3_module (CVE-2026-42530) and the ngx_http_proxy_v2_module and ngx_http_grpc_module (CVE-2026-42055), and can be exploited by unauthenticated remote attackers to trigger a denial-of-service (DoS) attack or code execution on NGINX systems with non-default configurations."
https://www.bleepingcomputer.com/news/security/f5-issues-out-of-band-patches-for-critical-nginx-vulnerabilities/
https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html
https://www.securityweek.com/f5-patches-critical-high-severity-nginx-vulnerabilities/
https://securityaffairs.com/193842/security/f5-patches-critical-nginx-vulnerabilities-enabling-unauthenticated-code-execution.html
- Atlassian, Splunk Patch Critical Vulnerabilities
"Atlassian and Splunk on Wednesday announced patches for multiple vulnerabilities in their products, including critical-severity flaws. Splunk resolved a critical issue in AI Toolkit that could allow authenticated attackers with admin roles to execute arbitrary OS commands on the host the Splunk Enterprise instance runs on. “The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation,” Splunk explains."
https://www.securityweek.com/atlassian-splunk-patch-critical-vulnerabilities/
- Critical Command Execution Vulnerability Patched In Cisco ISE
"Cisco has released fixes for a critical-severity command execution vulnerability in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). Tracked as CVE-2026-20181 (CVSS score of 9.1), the issue exists because user-supplied input is improperly validated, allowing an attacker to send a crafted HTTP request and obtain user-level access to the underlying operating system. The attacker could then elevate their privileges to root."
https://www.securityweek.com/critical-command-execution-vulnerability-patched-in-cisco-ise/
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv
https://securityaffairs.com/193849/uncategorized/cisco-fixed-a-critical-ise-vulnerability-that-lets-attackers-to-gain-root-access.html
- CISA Adds One Known Exploited Vulnerability To Catalog
"CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2026-20253 Splunk Enterprise Missing Authentication for Critical Function Vulnerability"
https://www.cisa.gov/news-events/alerts/2026/06/18/cisa-adds-one-known-exploited-vulnerability-catalog
- Apple Fixes Beats Studio Buds Flaw That Let Hackers Spy On Conversations
"Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users' conversations. "An attacker within Bluetooth range may be able to listen through the microphone of a device which is not yet paired and actively seeking pair requests," Apple explained in a Tuesday advisory. "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party.""
https://www.bleepingcomputer.com/news/security/apple-fixes-beats-studio-buds-flaw-that-let-hackers-spy-on-conversations/
https://support.apple.com/en-us/127557
- FIFA Bug Exposes World Cup Streams To Remote Takeover
"An egregious access control vulnerability in FIFA's Microsoft Entra environment allowed an ethical hacker to gain direct control over global World Cup television streams, match management systems, and more. Not since 1962, when USSR vice admiral Vasily Arkhipov saved the human race by refusing to consent to a nuclear missile launch, has humanity been spared such a potentially horrific fate as it was just a few days ago."
https://www.darkreading.com/application-security/fifa-bug-world-cup-streams-remote-takeover
- Google Told Researcher 'Nice Catch!' Then Denied Bug Bounty For Flaw It Still Hasn't Fixed
"Google has a security hole in a Kubernetes operator that could allow attackers to bypass Google Cloud Platform (GCP) identity and access protections and gain full control over any organization's cloud environment. Or it has a serious communication and transparency problem when it comes to its bug bounty programs. Maybe both. Researcher and frequent cloud bug hunter Justin O'Leary told us that he found and reported to Google a major flaw that allows any Kubernetes namespace user to bypass GCP's Identity and Access Management (IAM) controls and therefore gain root access to managing an organization's cloud resources."
https://www.theregister.com/security/2026/06/18/google-told-researcher-nice-catch-then-denied-bug-bounty-for-flaw-it-still-hasnt-fixed/5258076
https://olearysec.com/research/config-connector-authorization-bypass/
- PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside The JVM
"Enterprise resource planning systems handle some of the most sensitive data an organization holds, but they are also deeply connected to internal infrastructure. When a pre-authentication remote code execution (RCE) chain surfaces in one of the most widely deployed ERP platforms and is already being exploited in the wild, it warrants close attention. In this blog entry, TrendAI Research details a technical analysis of an active pre-authentication exploitation chain in Oracle PeopleSoft PeopleTools, the development platform used to build and maintain PeopleSoft applications. PeopleSoft PeopleTools versions 8.61, and 8.62 are affected, per Oracle’s advisory."
https://www.trendmicro.com/en_us/research/26/f/PeopleTools.html
- Attackers Actively Exploiting Sensitive Information Exposure Vulnerability In Gravity SMTP Plugin
"On March 30th, 2026, we publicly disclosed a Sensitive Information Exposure vulnerability in Gravity SMTP, a WordPress plugin with an estimated 100,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to retrieve detailed system configuration data and, critically, any API keys, secrets, and OAuth tokens configured for the plugin’s email integrations. The vendor released the fully patched version on March 17th, 2026, and we originally disclosed this vulnerability in the Wordfence Intelligence vulnerability database on March 30th, 2026. The Wordfence Firewall has already blocked over 17 million exploit attempts targeting this vulnerability."
https://www.wordfence.com/blog/2026/06/attackers-actively-exploiting-sensitive-information-exposure-vulnerability-in-gravity-smtp-plugin/
Malware
- Crypto Clipper Uses Tor And Worm-Like Propagation For Persistence And Control
"Microsoft Threat Intelligence and Microsoft Defender Experts identified a Windows-based cryptocurrency clipper that has affected users since February of 2026. Clipper malware relies on stealing clipboard data and parsing it for valuable assets. The clipper in this campaign relies on Windows Script Host and ActiveX-driven logic to launch a bundled Tor proxy and poll a hidden-service C2 server. It carries out high-frequency clipboard theft, screenshot exfiltration, and wallet-address substitution."
https://www.microsoft.com/en-us/security/blog/2026/06/17/crypto-clipper-uses-tor-worm-like-propagation-for-persistence-control/
https://www.bleepingcomputer.com/news/security/usb-worm-spreads-crypto-stealing-malware-via-windows-shortcut-files/
https://thehackernews.com/2026/06/microsoft-details-windows-clipper.html
https://securityaffairs.com/193860/uncategorized/tor-based-clipper-malware-targets-wallet-seed-phrases.html
- Klue Integration Abused In Salesforce Data Theft
"In June 2026, ReliaQuest observed a compromised integration for Klue, a competitive-intelligence platform that syncs battlecard and win/loss data with Salesforce, being used to exfiltrate customer relationship management (CRM) data from enterprise environments. The activity follows the same third-party OAuth-abuse playbook behind the Salesloft Drift and Gainsight compromises that rattled Salesforce ecosystems throughout 2025 and 2026, reinforcing that trusted software-as-a-service (SaaS) integrations remain a high-value yet little-monitored route to reach sensitive data."
https://reliaquest.com/blog/threat-spotlight-integration-abused-in-crm-data-theft
https://www.bleepingcomputer.com/news/security/klue-oauth-breach-linked-to-icarus-salesforce-data-theft-attacks/
https://www.darkreading.com/cyberattacks-data-breaches/salesforce-data-thefts-klue-app-compromise
https://www.bankinfosecurity.com/attackers-steal-salesforce-data-from-klue-battlecards-users-a-32011
- Killing Me Gently: Inside Gentlemen’s EDR Killer Framework
"ESET researchers analyzed the robust EDR-killing toolset of the ransomware-as-a-service gang Gentlemen. Since the beginning of 2026, Gentlemen has emerged as one of the most active gangs in the ransomware ecosystem. The group distinguishes itself through a mature, operator-maintained set of endpoint detection and response (EDR) killers, i.e., tools for disrupting security software. Additionally, unlike most top-tier gangs, Gentlemen does not exhibit a strong US-centric victimology, instead targeting victims across Southeast Asia, South America, and Western Europe."
https://www.welivesecurity.com/en/eset-research/killing-me-gently-inside-gentlemens-edr-killer-framework/
https://www.bleepingcomputer.com/news/security/gentlemen-ransomware-uses-multiple-edr-killers-to-disable-defenses/
https://www.bankinfosecurity.com/gentlemen-ransomware-gang-standardizes-edr-killing-a-32007
https://www.helpnetsecurity.com/2026/06/18/eset-gentlemen-edr-killers/
- Operation FanTrap: Inside The FIFA 2026 Fraud Ecosystem
"The FIFA World Cup 2026 has become more than a global sporting event. It has evolved into a large-scale cybercrime opportunity exploited by threat actors through a coordinated ecosystem of fraudulent domains, social media channels, messaging platforms, pirated streaming services, and dark web activity. Since May 2026, Cyble Research and Intelligence Labs (CRIL) has identified nearly 4,000 domains impersonating FIFA-related brands, ticketing platforms, streaming services, and fan-facing resources."
https://cyble.com/blog/operation-fantrap-fifa-2026-fraud-ecosystem/
- Operation Escaneo: Infrastructure Exposure, TTP Analysis, And Attribution Assessment Of An Advanced Intrusion Campaign Against Mexican Federal Agencies And Financial Institutions
"This report documents a coordinated, multi-stage campaign run by a threat actor targeting critical infrastructure across Latin America. Artifacts from the threat actor's staging server reveal a sophisticated operational toolchain spanning all phases of the MITRE ATT&CK framework, from automated reconnaissance through data exfiltration. The campaign is characterised by a proprietary distributed reconnaissance engine (Kimera), a curated exploit armory targeting enterprise perimeter devices (Fortinet, Ivanti, Cisco), portable lateral movement toolkits, and layered command-and-control infrastructure using Neo-reGeorg webshells, Chisel reverse tunnels, and compromised Cisco routers with persistent GRE tunnels."
https://www.cloudsek.com/blog/operation-escaneo-mexican-government-financial-institutions-cyberattack
https://www.darkreading.com/cybersecurity-operations/operation-escaneo-signals-shift-latam-threat-landscape
https://www.infosecurity-magazine.com/news/operation-escaneo-cloudsek-latam/
- Retro Gaming Fans Are The New Target For Fake GitHub Malware
"Retro gaming fans should be careful with GitHub projects that claim to be tools or plugins for their consoles. Attackers can disguise ordinary computer malware as homebrew software, and the technique works against any retro platform with an active modding scene, not just one console. We recently looked at one example aimed at PlayStation Vita owners: a fake project that pretends to be a free audio tool but actually runs Windows malware on your computer."
https://www.malwarebytes.com/blog/threat-intel/2026/06/retro-gaming-fans-are-the-new-target-for-fake-github-malware
- SmartApeSG Launches Okendo Reviews Supply Chain Attack
"On May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered malicious JavaScript code embedded in a legitimate reviews widget found on numerous websites. Our analysis revealed that the affected component was the Okendo Reviews widget, a popular customer review platform used by more than 18,000 brands. Because the Okendo Reviews widget is widely deployed, this compromise enabled downstream exposure across any website that utilized the widget. The widget is typically deployed on high-visibility e-commerce pages, including: storefront homepages, product information pages, and review submissions."
https://www.zscaler.com/blogs/security-research/smartapesg-launches-okendo-reviews-supply-chain-attack
- Threat Actors Abuse Claude.ai Shared Chat For ClickFix Malvertising Campaign
"TrendAI Research tracked a sustained malvertising campaign that abused Google Ads to deliver ClickFix social engineering attacks disguised as popular AI developer tools. The campaign impersonated at least six legitimate brand names, including ChatGPT Codex, Perplexity, Cursor IDE, JetBrains, Claude AI, and claude.ai, and simultaneously ran Mac utility scam lures."
https://www.trendmicro.com/en_us/research/26/f/claudeai-shared-chat-abused-in-malvertising.html
- World Cup-Themed Phishing Campaign Delivers Voidrift Malware With Highly Personalized Lures
"Cofense Intelligence has identified an active phishing campaign exploiting excitement around the FIFA World Cup 2026 to deliver a sophisticated malware family known as Voidrift. The campaign is notable for its high degree of personalization. Each email is tailored with the recipient's name, their company's name, and even the company's logo embedded directly into the image of the free t-shirt, indicating that threat actors invested meaningful reconnaissance effort before launching attacks."
https://cofense.com/blog/world-cup-themed-phishing-campaign-delivers-voidrift-malware-with-highly-personalized-lures
Breaches/Hacks/Leaks
- Nintendo Confirms Data Stolen In WebMD Subsidiary Cyberattack
"Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. The company’s statement comes after claims from the Shadowbyt3$ “extortion-as-a-service” threat group that they exfiltrated sensitive data related to Nintendo of America employees. “We are aware of an issue involving TinyPulse, a third-party service used for internal employee surveys at Nintendo of America,” stated Nintendo."
https://www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/
General News
- May 2026 Infostealer Trend Report
"This report summarizes the distribution channels, number of infostealers, number of detections, target companies, and execution types of new infostealers collected during the month of May 2026. The collected samples were analyzed based on data from AhnLab SEcurity intelligence Center (ASEC)’s automated data collection system, Email Honeypot system, automated malware C2 analysis system, and AhnLab product diagnostic logs."
https://asec.ahnlab.com/en/94172/
- International Law Enforcement Initiate Hunt On Malware Group SocGholish
"In Operation Endgame, a major operation this week disrupted a key infection chain used by cybercriminals. Within an international cooperation, 14.971 websites infected with SocGholish malware were remediated. This malware is used by a criminal group that plays a pivotal role in international cybercrime, namely: Evil Corp."
https://www.politie.nl/en/news/2026/juni/18/11-international-law-enforcement-initiate-hunt-on-malware-group-socgholish.html
https://www.proofpoint.com/us/blog/threat-insight/sayonara-socgholish-operation-endgame-disrupts-major-cybercrime-operation
https://www.bleepingcomputer.com/news/security/law-enforcement-nukes-socgholish-malware-from-nearly-15-000-sites/
https://cyberscoop.com/socgholish-malware-botnet-takedown-evilcorp/
https://hackread.com/operation-endgame-disrupts-socgholish-malware/
https://www.helpnetsecurity.com/2026/06/18/law-enforcement-socgholish-operation-endgame/
- AI Inherits People's Permissions But Not Judgment
"Most enterprise security programs carry a quiet assumption: Whoever sits on the other side of a control is a person. Someone who can be trained, who pauses before acting and who, even with wide-ranging access, brings instinct to bear about what's worth opening, what's safe to share and what to leave untouched."
https://www.bankinfosecurity.com/blogs/ai-inherits-peoples-permissions-but-judgment-p-4133
https://mind.io/content/research-report-impact-of-data-trust-on-ai-success
- 5 Key Takeaways From Inside The Shape-Shifting Inbox: A Modern Playbook For Security Leaders
"Artificial intelligence is accelerating one of the most significant shifts the cybersecurity industry has seen in years. During Cofense’s webinar, Inside the Shape-Shifting Inbox: A Modern Playbook for Security Leaders, CEO Marc Olsen and Board Advisor George Gerchow explored how AI is transforming phishing from a high-effort, tactical attack into a highly scalable, adaptive business risk."
https://cofense.com/blog/5-key-takeaways-from-inside-the-shape-shifting-inbox-a-modern-playbook-for-security-leaders
- How Software Development’s Speed Obsession Enabled TeamPCP’s Chaos Crusade
"TeamPCP is on a rampage through open-source software. In less than four months, the threat actor has compromised and injected malicious code into more than 1,000 software packages. The extraordinary spree has transformed how software developers and maintainers distribute and manage their code, as their dependencies and repositories have become one of the most effective and prevalent attack vectors this year."
https://cyberscoop.com/teampcp-breaks-open-source-software-trust-model/
- Get Out Of Security Debt By Tackling The Exposure Problem
"Security teams already know they have too many vulnerabilities. What they often underestimate is how much of that risk remains exposed. Right now, 82% of organizations carry security debt. These are vulnerabilities that have been open for more than a year. At the same time, flaws that are both severe and likely to be exploited are increasing. That combination is what turns a backlog into real risk. Vulnerabilities are not just being discovered. They are persisting in production systems long enough to be found and used."
https://www.darkreading.com/cyber-risk/security-debt-tackle-exposure-problem
- Securing Digital Keys When Your Phone Unlocks The Car
"In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand feature into a standard meant to work across phones, automakers, and suppliers. She talks through what changed with Version 4, why the team focused on interoperability and testing instead of one new threat, and how NFC fallback access stays protected. She also covers fast credential revocation when a phone is lost or stolen, and how crypto agility prepares the standard for post-quantum demands over a car’s long life."
https://www.helpnetsecurity.com/2026/06/18/alysia-johnson-car-connectivity-consortium-securing-digital-keys/
- What Happens To Oversight When AI Agents Write a Lab’s Own Code
"Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure, research pipelines, and potentially the systems that train and evaluate future models. A new analysis from researchers at the University of Oxford and SaferAI digs into the security risks that live in everything around those agents: the people reviewing their code, the pipelines watching them, and the policies that set the rules, along with the models themselves."
https://www.helpnetsecurity.com/2026/06/18/research-ai-coding-agent-oversight/
https://arxiv.org/pdf/2606.13474
- Most Agentic AI Projects In Production Have Stalled Over Data Problems
"Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026, up from 29 percent the year before, according to Confluent’s annual Data Streaming Report, which surveyed 4,625 IT leaders across 14 countries."
https://www.helpnetsecurity.com/2026/06/18/report-agentic-ai-in-production/
- AI In The Underground: Curiosity, Claims, And Concerns
"Counter Threat Unit (CTU) researchers have observed artificial intelligence (AI) emerging into a prominent topic in underground communities, with threat actors discussing its potential, claiming its use for malware and tool development, and expressing concerns. Many claims have not been validated, but the posts reveal perceptions about generative AI and examples of how it may be used in cybercriminal activity. In some respect, threat actors are facing the same challenge as everyone else — seeking to preserve economic viability during a technological transition while trying to identify how and when to embrace AI."
https://www.sophos.com/en-us/blog/ai-in-the-underground-curiosity-claims-and-concerns
https://www.infosecurity-magazine.com/news/cybercriminals-worried-ai-take/
- Hostile States Behind 75% Of Cyber-Attacks On UK Critical Infrastructure, NCSC Warns
"Three-quarters of cyber incidents affecting UK critical infrastructure organizations over the past year originated from nation-state actors or were linked to hostile states such as Russia, China and Iran, according to Richard Horne, CEO of the UK’s National Cyber Security Centre (NCSC). Speaking at the Royal United Services Institute (RUSI) Annual Security Lecture 2026 on June 17, Horne said the agency dealt with 200 cyber incidents affecting critical nation infrastructure (CNI) between June 2025 and May 2026."
https://www.infosecurity-magazine.com/news/hostile-states-cni-75-percent-ncsc/
- Cybercrime Surges In APAC As Digitalization Takes Hold
"Cybercrime is taking hold in Asia and the South Pacific just as it has elsewhere in the world, with organized crime gangs exploiting the adoption of new technologies, according to Interpol. The policing network said that cybercrime now accounts for 30% of crime in over half of the countries covered by its 2025/2026 Asia and South Pacific Cyberthreat Assessment Report. The study, which is sponsored by the UK government, assessed cybercrime trends across 18 Southeast Asian countries and Pacific Island states."
https://www.infosecurity-magazine.com/news/cybercrime-surges-apac-digitization/
https://www.theregister.com/cyber-crime/2026/06/18/cyber-offenses-now-account-for-around-a-third-of-all-crime-across-asia-and-south-pacific/5257716
- No Exploits Required
"Well hey y’all. I just got hooked up with this space to somewhat-routinely write about vulnerabilities, cybersecurity, and infosec history. I’m currently at runZero, where I’m the vice president of security research, which basically means that I spend most of my time hanging around with some incredibly bright and devoted people who are also cunning and shrewd. We’re all dedicated to the notion that it is, in fact, possible to secure networks by being smart and creative with your approaches to exposure management."
https://www.securityweek.com/no-exploits-required/
Reference
Electronic Transactions Development Agency (ETDA)