ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same time. Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to…

Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. “This new threat,…

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran’s ongoing protests to conduct information theft and long-term espionage. The Acronis Threat Research Unit (TRU) said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan…

Dell RecoverPoint for Virtual Machines Zero Day Attack

What is the Attack? The attack involves the threat cluster UNC6201 (a suspected China-nexus Advanced Persistent Threat (APT)) actively exploiting a critical zero-day vulnerability in Dell’s RecoverPoint for Virtual Machines platform. The flaw (CVE-2026-22769) stems from hard-coded credentials embedded within the appliance, allowing unauthenticated remote attackers to gain administrative access. Because RecoverPoint is a disaster…