Claude Code bypasses security controls by acting locally before monitoring, exposing data risks and audit gaps.

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat landscape.

Perseus Android malware uses accessibility abuse via phishing apps to enable device takeover and financial fraud across multiple countries.

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple countries.

OFAC sanctions DPRK IT fraud network using fake jobs and AI tactics, exposing funding links to WMD programs and insider threats.

CVE-2026-32746 exposes telnetd via pre-auth flaw (CVSS 9.8), enabling root RCE through port 23, risking full system takeover.

CSMA links siloed security tools into attack paths to crown jewels, exposing hidden risks and enabling faster remediation.

Ubuntu CVE-2026-3888 flaw exploits cleanup timing in snap-confine to gain root access, risking full system compromise.

Apple fixes WebKit CVE-2026-20643 in iOS 26.3.1, macOS 26.3.2 using background patches, reducing exploit risk.

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.