Massiv Android trojan hides in fake IPTV apps, enabling remote device control, credential theft, and fraudulent banking ...

PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based ...

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for espionage and data theft.

Microsoft fixes CVE-2026-26119, an 8.8 CVSS privilege escalation bug in Windows Admin Center that could allow network-based user rights takeover.

The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment ...

AI compresses cyberattack timelines—32% of flaws exploited day-zero, phishing up 1,265%, forcing shift to CTEM defense models.

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

CISA adds four actively exploited vulnerabilities to its KEV catalog, including Chrome RCE, Zimbra SSRF, Windows ActiveX, and ...

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...