Healthcare Sector
- Digital Risk Is Now a Clinical Challenge
"The recent breach of New Zealand's ManageMyHealth patient portal exposed sensitive information from roughly 120,000 people, making it one of the country's most significant healthcare privacy incidents. For affected patients, the consequences are deeply personal and potentially lifelong. Unlike a stolen credit card, you can't reset your medical history."
https://www.bankinfosecurity.com/blogs/digital-risk-now-clinical-challenge-p-4051
Industrial Sector
- Bring The Fight To The Edge: Turning Time Into An Advantage In OT Security
"Industrial organizations are facing a growing paradox in cybersecurity. While operational technology (OT) environments are increasingly connected, most security strategies still assume threats will only materialize once attackers reach the plant floor. In reality, attacks that disrupt industrial operations rarely begin in OT environments. They originate upstream, progress over time and frequently exploit the persistent assumption of isolation. This shift fundamentally changes how defenders must think about visibility, detection and response across Information Technology (IT) and OT domains."
https://unit42.paloaltonetworks.com/ot-edge-security/
https://www.paloaltonetworks.com/resources/whitepapers/securing-ot-environments
New Tooling
- Explore, Analyse And Correlate Malware At Scale With Azul
"The Australian Signals Directorate (ASD) has publicly released its open‑source malware analysis tool called Azul. Azul enables government and private sector partners to collaborate on threat understanding, quickly identify common malware behaviours, and improve the speed and precision of response activities."
https://www.cyber.gov.au/about-us/view-all-content/news/explore-analyse-and-correlate-malware-at-scale-with-azul
https://www.cyber.gov.au/business-government/detecting-responding-to-threats/cyber-security-incident-response/azul-malware-analysis-tool
https://github.com/AustralianCyberSecurityCentre/azul
Vulnerabilities
- Critical SolarWinds Serv-U Flaws Offer Root Access To Servers
"SolarWinds has released security updates to patch four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers. Serv-U is the company's self-hosted Windows and Linux file transfer software that comes with both Managed File Transfer (MFT) and FTP server capabilities, enabling organizations to securely exchange files via FTP, FTPS, SFTP, and HTTP/S. The most severe of the four security flaws patched by SolarWinds today in Serv-U 15.5.4 is tracked as CVE-2025-40538, and it allows attackers with high privileges to gain root or admin permissions on vulnerable servers."
https://www.bleepingcomputer.com/news/security/critical-solarwinds-serv-u-flaws-offer-root-access-to-servers/
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm
https://securityaffairs.com/188454/hacking/solarwinds-patches-four-critical-serv-u-flaws-enabling-root-access.html
https://www.theregister.com/2026/02/24/patch_these_4_critical_makemeroot/ - CISA Adds One Known Exploited Vulnerability To Catalog
"CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2026-25108 Soliton Systems K.K. FileZen OS Command Injection Vulnerability"
https://www.cisa.gov/news-events/alerts/2026/02/24/cisa-adds-one-known-exploited-vulnerability-catalog - VMware Aria Operations Vulnerability Could Allow Remote Code Execution
"Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws. The most important of the newly patched vulnerabilities based on CVSS score (8.1) is CVE-2026-22719, a command injection issue that can be exploited by an unauthenticated attacker. “A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,” Broadcom explained in its advisory."
https://www.securityweek.com/vmware-aria-operations-vulnerability-could-allow-remote-code-execution/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947
https://securityaffairs.com/188445/security/vmware-aria-operations-flaws-could-enable-remote-attacks.html - Astro Full-Read SSRF Via Host Header Injection
"Astro is a JavaScript frontend and backend framework in use by many large organizations for making website development much easier. Recently, one of the agents in our Aikido Attack product identified a medium-severity vulnerability in the server-side implementation of this framework. It made any servers directly accessible by the attacker vulnerable to Server-Side Request Forgery (SSRF)."
https://www.aikido.dev/blog/astro-full-read-ssrf-via-host-header-injection
Malware
- SURXRAT: Android RAT Downloads Large LLM Module From Hugging Face To Impact Device Performance
"SURXRAT is an actively developed Android Remote Access Trojan (RAT) commercially distributed through a Telegram-based malware-as-a-service (MaaS) ecosystem under the SURXRAT V5 branding. The malware is marketed using structured reseller and partner licensing tiers, allowing affiliates to generate and distribute customized builds while the operator maintains centralized infrastructure and operational control. This distribution model reflects the increasing professionalization of the Android threat landscape, where malware developers focus on scalability and monetization through affiliate-driven campaigns."
https://cyble.com/blog/surxrat-downloads-large-llm-module-from-hugging-face/ - Refund Scam Impersonates Avast To Harvest Credit Card Details
"A fraudulent website dressed in Avast’s brand is tricking French-speaking users into handing over their full credit card details—card number, expiry date, and three-digit security code—under the cover story of processing a €499.99 refund that was never owed to them. The operation combines live chat “support,” a hardcoded alarming transaction amount, and a convincing replica of Avast’s visual identity to create urgency and harvest payment data at scale."
https://www.malwarebytes.com/blog/threat-intel/2026/02/refund-scam-impersonates-avast-to-harvest-credit-card-details - 1Campaign: A New Cloaking Platform Helping Attackers Abuse Google Ads
"Varonis Threat Labs uncovered 1Campaign, a full-service cloaking platform built to help threat actors run malicious Google Ads at scale. The tool passes Google's screening, filters out security researchers, and keeps phishing and crypto drainer pages online for as long as possible, funneling real users to attacker-controlled sites. The developer behind it, operating under the handle DuppyMeister, has been maintaining the platform for over three years with dedicated Telegram channels for support. It combines real-time visitor filtering, fraud scoring, geographic targeting, and a bot guard script generator into a single dashboard."
https://www.varonis.com/blog/1campaign
https://www.bleepingcomputer.com/news/security/1campaign-platform-helps-malicious-google-ads-evade-detection/ - North Korean Lazarus Group Now Working With Medusa Ransomware
"North Korean state-backed attackers are now using the Medusa ransomware and are continuing to mount extortion attacks on the U.S. healthcare sector. North Korea has long been involved in ransomware attacks and has been previously associated with the Maui and Play ransomware families. However, the Symantec and Carbon Black Threat Hunter Team has uncovered evidence North Korean actors using Medusa in an attack on a target in the Middle East. The same attackers also mounted an unsuccessful attack against a healthcare organization in the U.S."
https://www.security.com/threat-intelligence/lazarus-medusa-ransomware
https://www.bleepingcomputer.com/news/security/north-korean-lazarus-group-linked-to-medusa-ransomware-attacks/
https://thehackernews.com/2026/02/lazarus-group-uses-medusa-ransomware-in.html
https://www.darkreading.com/cyberattacks-data-breaches/lazarus-group-new-position-medusa-ransomware
https://therecord.media/north-korean-hackers-using-medusa-ransomware
https://www.bankinfosecurity.com/north-korean-hackers-continue-to-target-us-healthcare-a-30832
https://www.infosecurity-magazine.com/news/north-korean-lazarus-group-medusa/
https://www.theregister.com/2026/02/24/north_koreas_lazarus_group_healthcare_medusa_ransomware/ - Diesel Vortex: Inside The Russian Cybercrime Group Targeting US & EU Freight
"In February 2026, Have I Been Squatted, in joint collaboration with Ctrl-Alt-Intel, uncovered a sophisticated criminal phishing operation run by a Russian threat actor group we are designating Diesel Vortex. The group spent at least five months systematically targeting freight and logistics companies across the United States and Europe, stealing over 1,600 unique login credentials from users of major logistics platforms including DAT Truckstop, Penske Logistics, Electronic Funds Source (EFS), and Timocom. Telegram webhook logs recovered from the platform show Armenian-language coordination among operators, indicating an Armenian-speaking component alongside the Russian infrastructure ties."
https://haveibeensquatted.com/blog/diesel-vortex-inside-the-russian-cybercrime-group-targeting-us-eu-freight
https://www.bleepingcomputer.com/news/security/phishing-campaign-targets-freight-and-logistics-orgs-in-the-us-europe/
https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo - Punchbowl Phishing Attack Explained: How Digital Invites Are Used To Steal Credentials
"In today's digital age, receiving online invitations to events has become commonplace. Sending and receiving invites has never been more convenient. However, not all electronic invitations are as trustworthy as they may appear. Punchbowl and Paperless Post are two of the largest digital invitation platforms, enabling individuals and organizations to create customized invitations, track RSVPs, and send event updates. Unfortunately, these trusted platforms also provide threat actors with an opportunity to exploit brand familiarity, particularly during certain seasons when digital invitations surge."
https://cofense.com/blog/punchbowl-phishing-attack-explained-how-digital-invites-are-used-to-steal-credentials - ZeroDayRAT: A Next-Generation Mobile Espionage And Financial Theft Platform
"The MaaS (Malware as a Service) model continues to evolve in the world of cybercrime. This new mobile spyware platform, dubbed “ZeroDayRAT” and examined by Cyberthint researchers, allows anyone without technical expertise to become an advanced cyber spy. Actively marketed through Telegram channels since February 2, 2026, this platform targets Android and iOS devices, combining real-time surveillance with direct financial theft within a single browser panel."
https://cyberthint.io/zerodayrat-a-next-generation-mobile-espionage-and-financial-theft-platform/
https://hackread.com/zerodayrat-malware-monitoring-android-ios-devices/ - Fake Zoom Meeting “update” Silently Installs Surveillance Software
"A fake Zoom meeting website is silently pushing surveillance software onto Windows machines. Visitors land on a convincing imitation of a Zoom video call. Moments later, an automatic “Update Available” countdown downloads a malicious installer—without asking for permission. The software being installed is a covert build of Teramind, a commercial monitoring tool companies use to record what employees do on work computers. In this campaign, it is being quietly dropped onto the machines of ordinary people who thought they were joining a meeting."
https://www.malwarebytes.com/blog/scams/2026/02/fake-zoom-meeting-update-silently-installs-surveillance-software - RoguePilot: Exploiting GitHub Copilot For a Repository Takeover
"We forced GitHub to prompt-inject itself. It allowed us to control Copilot’s responses and exfiltrate Codespaces’ GITHUB_TOKEN secret. The end result was a repository takeover. This vulnerability is a type of Passive Prompt Injection, where malicious instructions are embedded in data, content, or environments that the model later processes automatically, without any direct interaction from the attacker."
https://orca.security/resources/blog/roguepilot-github-copilot-vulnerability/
https://thehackernews.com/2026/02/roguepilot-flaw-in-github-codespaces.html
https://www.securityweek.com/github-issues-abused-in-copilot-attack-leading-to-repository-takeover/ - Mercenary Akula Hits Ukraine-Supporting Financial Institution
"BlueVoyant’s Security Operations Center (BVSOC) recently identified and responded to a targeted social engineering attack on a European financial institution involved in regional development and reconstruction initiatives. The attack exhibits hallmarks of activity attributed to the Russia-aligned Mercenary Akula (tracked by CERT UA as UAC-0050), a financially motivated mercenary entity also linked to cyber espionage and psychological operations. The attack spoofed a Ukrainian judicial domain to deliver an email containing a link to a remote access payload. The target was a senior legal and policy advisor involved in procurement, a role with privileged insight into institutional operations and financial mechanisms."
https://www.bluevoyant.com/blog/mercenary-akula-hits-financial-institution
https://thehackernews.com/2026/02/uac-0050-targets-european-financial.html - UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor And MarsSnake Backdoors
"The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and MarsSnake, according to a report published by Positive Technologies last week. "The group used several unique and rare instruments of Chinese origin," researchers Alexander Badaev and Maxim Shamanov said."
https://thehackernews.com/2026/02/unsolicitedbooker-targets-central-asian.html - UAE Claims It Stopped ‘terrorist’ Ransomware Attack
"The United Arab Emirates said it stopped a ransomware attack this weekend that allegedly targeted the country’s digital infrastructure. The country’s Cyber Security Council published a statement on Saturday that said they “successfully thwarted organized cyberattacks of a terrorist nature that targeted the country’s digital infrastructure and vital sectors in an attempt to destabilize the nation and disrupt essential services.”"
https://therecord.media/uae-claims-it-stopped-terrorist-ransomware-attack - Fake Homebrew Typosquats Used To Deliver Cuckoo Stealer Via ClickFix
"ClickFix has become a reliable trick for attackers who don't want to fight the operating system. Instead of exploiting software, they exploit habits. A fake web page shows what looks like a normal installation command. The user clicks "Copy," pastes it into Terminal, and the attack runs with the victim's own hands. In this case, the lure was Homebrew. We started with a single typosquatted domain and pivoted outward using Hunt.io. What looked like one fake install page turned out to be a coordinated infrastructure cluster delivering a credential-harvesting loader and a second-stage macOS infostealer we've designated Cuckoo Stealer."
https://hunt.io/blog/fake-homebrew-clickfix-cuckoo-stealer-macos - 2025: The Untold Stories Of Check Point Research
"Check Point Research (CPR) continuously tracks threats, following the clues that lead to major players and incidents in the threat landscape. Whether it’s high-end financially-motivated campaigns or state-sponsored activity, our focus is to figure out what the threat is, report our findings to the relevant parties, and make sure Check Point customers stay protected. Some of our work naturally makes it into the spotlight through public reports and deep blog posts. However, a large portion of what we uncover remains in the shadows but is used on a day-to-day basis to improve protections, connect the dots between incidents, and keep a watchful eye on known threat actors and infrastructure."
https://research.checkpoint.com/2026/2025-the-untold-stories-of-check-point-research/
Breaches/Hacks/Leaks
- Wynn Resorts Confirms Employee Data Breach After Extortion Threat
"Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang's data leak site. In a statement shared today, the company said it activated its incident response procedures and launched an investigation, with assistance from external cybersecurity experts, after discovering the breach. "We have learned that an unauthorized third party acquired certain employee data," reads a statement shared with BleepingComputer."
https://www.bleepingcomputer.com/news/security/wynn-resorts-confirms-employee-data-breach-after-extortion-threat/ - ShinyHunters Extortion Gang Claims Odido Breach Affecting Millions
"The ShinyHunters extortion gang has claimed responsibility for breaching Dutch telecommunications provider Odido and stealing millions of user records from its compromised systems. Odido is one of the largest telecommunications companies in the Netherlands and offers mobile, broadband, and television services to millions of customers nationwide. The company disclosed the breach on February 12, revealing that attackers downloaded the personal data of many of its users after gaining access to its customer contact system on February 7. However, Odido added that no Mijn Odido passwords, call details, location, data, billing data, or scans of identity documents were exposed during the incident."
https://www.bleepingcomputer.com/news/security/shinyhunters-extortion-gang-claims-odido-breach-affecting-millions/
General News
- Security And Complexity Slow The Next Phase Of Enterprise AI Agent Adoption
"Enterprise AI agents are embedded in routine business processes, particularly inside engineering and IT operations. Many organizations report active production deployments, and agent development ranks high on strategic agendas. A new study from Docker, The State of Agentic AI Report, examines how enterprises are deploying agentic systems and the challenges emerging as deployments scale. The data shows that 60% of organizations run AI agents in production environments. Nearly all describe building agents as a strategic priority."
https://www.helpnetsecurity.com/2026/02/24/ai-agents-business-processes-security-complexity/ - Faking It On The Phone: How To Tell If a Voice Call Is AI Or Not
"There was a time when we could believe everything we saw and heard. Unfortunately, those days are probably long gone. Generative AI (GenAI) has democratized the creation of deepfake audio and video, to the point where generating a fabricated clip is as easy as pushing a button or two. This is bad news for everyone, including businesses. Deepfakes are helping scammers bypass Know Your Customer and account authentication checks. They can even enable malicious state actors to masquerade as job candidates. But arguably the biggest threat they pose is financial/wire transfer fraud and the hijacking of executive accounts."
https://www.welivesecurity.com/en/business-security/faking-it-phone-how-tell-voice-call-ai/ - CrowdStrike Says Attackers Are Moving Through Networks In Under 30 Minutes
"Cyberattacks reached victims faster and came from a wider range of threat groups than ever last year, CrowdStrike said in its annual global threat report released Tuesday, adding that cybercriminals and nation-states increasingly relied on predictable tactics to evade detection by exploiting trusted systems. The average breakout time — how long it took financially-motivated attackers to move from initial intrusion to other network systems — dropped to 29 minutes in 2025, a 65% increase in speed from the year prior. “The fastest breakout time a year ago was 51 seconds. This year it’s 27 seconds,” Adam Meyers, head of counter adversary operations at CrowdStrike, told CyberScoop."
https://cyberscoop.com/crowdstrike-annual-global-threat-report-attack-breakout-time/
https://www.crowdstrike.com/explore/2026-global-threat-report
https://www.darkreading.com/cyber-risk/attackers-now-need-just-29-minutes-to-own-a-network
https://www.infosecurity-magazine.com/news/ai-powered-cyberattacks-up/ - Why SOCs Are Moving Toward Autonomous Security Operations In 2026
"The modern security operations center faces a crisis of scale that human effort cannot fix. With alert volumes exponentially growing and threat actors automating their attacks, organizations must pivot to autonomous SOC strategies. This shift to AI-driven defense is the only way to survive the operational realities of 2026."
https://www.helpnetsecurity.com/2026/02/24/socs-autonomous-security-operations-strategies/ - AI Is Becoming Part Of Everyday Criminal Workflows
"Underground forums include long threads about chatbots drafting phishing emails, generating code snippets, and coaching social engineering calls. A new study examined conversations captured between January 1, 2025 and July 31, 2025 across dozens of cybercrime forums to map how AI tools are entering day to day criminal operations."
https://www.helpnetsecurity.com/2026/02/24/ai-in-cybercrime-research/
https://arxiv.org/pdf/2602.14783 - January 2026 Threat Trend Report On APT Attacks (South Korea)
"Ahnlabs is monitoring APT (Advanced Persistent Threat) attacks in South Korea by utilizing their own infrastructure. This report covers the classification, statistics, and features of APT attacks in South Korea that were identified in January 2026."
https://asec.ahnlab.com/en/92685/ - Nowhere, Man: The 2026 Active Adversary Report
"In a world where so much changes rapidly, it can be interesting and informative to identify when things stay the same. Throughout 2025 many people claimed — as they have for a couple of years now — that this was going to be the year in which AI was going to make a meaningful difference in the threat landscape. Aside from some provable uses of AI to supercharge phishing and other social scams, and a fair number of overdramatic headlines, it just didn't happen. This year’s Active Adversary Report details what happened instead — including a change that does demand your attention."
https://www.sophos.com/en-us/blog/2026-sophos-active-adversary-report
https://www.bankinfosecurity.com/hackers-gain-speed-major-new-tradecraft-using-ai-tools-a-30838 - As Cybersecurity Firms Chase AI, VC Market Skyrockets
"The cybersecurity venture capital market experienced unprecedented activity in 2025, driven primarily by the rush to AI-native security solutions and a massive surge in mergers and acquisitions that reached record levels. In 2025, VC firms invested $119 billion in cybersecurity businesses, with 400 M&A transactions accounting for the majority of funding and another 820 financing deals totaling nearly $21 billion, according to data from Momentum Cyber, a cybersecurity investment bank. The total value of M&A, financing, and IPO activity in 2025 nearly tripled that of deals in the previous year."
https://www.darkreading.com/cybersecurity-analytics/cybersecurity-firms-chase-ai-vc-market-skyrockets - More Than Dashboards: AI Decisions Must Be Provable
"Enterprise leaders are asking a blunt question about artificial intelligence (AI) systems: What did it actually do? Not what it was designed to do. Not what the dashboard says it usually does. But what actually happened at the moment the system acted. As AI systems are deployed into regulated and high-risk environments, that question stops being theoretical. Boards, auditors, and regulators increasingly expect organizations to account for specific AI decisions, not just overall performance or intent."
https://www.darkreading.com/cyber-risk/more-dashboards-ai-decisions-provable - Cost Of Insider Incidents Surges 20% To Nearly $20m
"Employee negligence driven by shadow AI cost organizations more than any other type of insider risk last year, accounting for 53% of the $19.5m lost on average per business, according to DTEX. The security vendor’s Cost of Insider Risks 2026 report was produced by the Ponemon Institute and based on interviews with 8750 IT and security practitioners in 354 global organizations. Malicious incidents such as sabotage, data theft, fraud and unauthorized disclosure accounted for 27% ($4.7m) of the total lost to insider risks last year, DTEX claimed."
https://www.infosecurity-magazine.com/news/cost-of-insider-incidents-surges/ - AI Accelerates Attacker Breakout Time To Just Four Minutes
"AI is helping threat actors to accelerate attacks, but it can also empower incident responders to quickly contain threats, ReliaQuest has claimed in a new report. The firm's Annual Cyber-Threat Report 2026 is based on an analysis of customer incidents. It found that breakout time last year took on average just 34 minutes; 29% quicker than in 2024. The fastest ever recorded time taken from access to lateral movement was just four minutes – 85% faster than the year before. The fastest recorded exfiltration time was just six minutes; down from 4 hours 29 minutes in 2024."
https://www.infosecurity-magazine.com/news/ai-accelerates-attack-breakout/
https://reliaquest.com/campaigns/annual-threat-report-2026/ - US ‘committed’ To Fighting Transnational Gangs Behind Southeast Asian Scam Compounds: FBI
"The U.S. is “fully committed to leading the global fight” against the transnational criminal networks that have set up scamming compounds throughout Southeast Asia, a senior FBI official said Tuesday. Scott Schelble, the deputy assistant director of the FBI’s International Operations Division, told reporters that he recently met with law enforcement officials in Thailand, Cambodia and Vietnam to discuss the region’s scam operations."
https://therecord.media/us-committed-to-fighting-southeast-asia-scam-compounds - Turn Dependabot Off
"Dependabot is a noise machine. It makes you feel like you’re doing work, but you’re actually discouraging more useful work. This is especially true for security alerts in the Go ecosystem. I recommend turning it off and replacing it with a pair of scheduled GitHub Actions, one running govulncheck, and the other running your test suite against the latest version of your dependencies."
https://words.filippo.io/dependabot/
https://www.theregister.com/2026/02/24/github_dependabot_noise_machine/ - 2026 GreyNoise State Of The Edge Report: Where Attacks Concentrate And Defenses Fall Short
"GreyNoise analyzed 2.97 billion sessions over 162 days in H2 2025, and the patterns reveal where edge defenses hold up — and where they fall short. The data exposes specific concentration points in VPN targeting, infrastructure sourcing, and exploitation behavior that challenge conventional defensive assumptions."
https://www.greynoise.io/blog/2026-greynoise-state-of-the-edge-report-where-attacks-concentrate-defenses-fall-short
อ้างอิง
Electronic Transactions Development Agency (ETDA) 
Research observed an evolution in how Atomic Stealer (AMOS) is being distributed. Historically spread via “cracked” macOS software, a trend we documented in September 2025, we found the malware being delivered under the guise of OpenClaw skills. This campaign represents a critical evolution in supply chain attacks: the attacker has shifted from deceiving humans into manipulating AI agentic workflows into installing the first stage of the malware. This is an old malware trying to use “social engineering” on AI agents, marking a shift from prompt injection to using the AI itself as a trusted intermediary to trick humans."
ด่วน! Microsoft ได้ออกการอัปเดตแก้ไขช่องโหว่ใน Windows Admin Center 
️ ThaiCERT ได้ติดตามสถานการณ์ภัยคุกคามทางไซเบอร์ และพบประกาศด้านความมั่นคงปลอดภัย Microsoft ได้ออกการอัปเดตเพื่อแก้ไขช่องโหว่ใน Windows Admin Center (WAC) ซึ่งทำให้ผู้โจมตี ยกระดับสิทธิ์ (Privilege Escalation) ผ่านเครือข่ายได้ แนะนำให้องค์กรที่ใช้งาน WAC ตรวจสอบและอัปเดตโดยเร็ว
เตือนภัยผู้ใช้งาน OpenClaw พบความเสี่ยงช่องโหว่และการตั้งค่าระบบที่ไม่เหมาะสม อาจถูกเข้าควบคุมระบบจากระยะไกล ขอให้ผู้ใช้งานเฝ้าระวังอย่างใกล้ชิด
รายละเอียดภัยคุกคาม
ข้อมูลและระบบที่อาจตกเป็นเป้าหมาย
แหล่งอ้างอิง:
