ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
infonews
This bulletin covers multiple cybersecurity threats across platforms, including Android 17's privacy enhancements to block unencrypted traffic, LockBit 5.0 ransomware gaining the ability to attack Proxmox virtualization systems with advanced evasion techniques, and several ClickFix social engineering campaigns (using fake websites and nested obfuscation) targeting macOS users to steal credentials or deploy malware like Matanbuchus 3.0 loader and AstarionRAT.
For Android 17 and higher: Google states that apps should "migrate to Network Security Configuration files for granular control" to avoid relying on cleartext traffic. Apps targeting Android 17 or higher will default to disallowing cleartext traffic if they use usesCleartextTraffic='true' without a corresponding Network Security Configuration.
Tech Giants Invest $12.5 Million in Open Source Security
Vance, Bessent questioned tech giants on AI security before Anthropic's Mythos release
Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs
OpenAI touts Amazon alliance in memo, says Microsoft has 'limited our ability' to reach clients
OpenAI shakes up partnership with Microsoft, capping revenue share payments
Original source: https://thehackernews.com/2026/02/threatsday-bulletin-openssl-rce-foxit-0.html
First tracked: February 19, 2026 at 11:00 AM
Classified by LLM (prompt v3) · confidence: 65%