PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based ...

Massiv Android trojan hides in fake IPTV apps, enabling remote device control, credential theft, and fraudulent banking ...

CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for ...

The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment ...

Microsoft fixes CVE-2026-26119, an 8.8 CVSS privilege escalation bug in Windows Admin Center that could allow network-based user rights takeover.

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

AI compresses cyberattack timelines—32% of flaws exploited day-zero, phishing up 1,265%, forcing shift to CTEM defense models.

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

Dell RecoverPoint zero-day CVE-2026-22769 exploited since 2024 to gain root access and deploy GRIMBOLT, BRICKSTORM backdoors in targeted attacks.

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...