
ThreatsDay Bulletin: Exploring GhostAd Drain, Rising macOS Attacks, Proxy Botnet Activity, Cloud Exploits, and More Insights from 12+ Security Stories

The first ThreatsDay Bulletin of 2026 arrives with a clear message: as the new year unfolds, so do new cyber threats and tactics. Recent trends indicate that hackers are continuously refining their methods, highlighting an evolution in cybercrime that is more about subtlety than grand breaches.

This past year has taught defenders that threat actors do not rest. Instead, they adapt, using more sophisticated techniques. This week's roundup underlines a shift in strategy: rather than focusing on a single major breach, attackers now exploit multiple, smaller vulnerabilities with precision.

The ongoing threats demonstrate that the line between regular operations and exploitation is increasingly blurred. As this new year begins, here's an overview of the critical issues currently affecting the cybersecurity landscape.

  1. KMSAuto Malware Scam: A Lithuanian citizen was arrested for distributing malware disguised as a Windows activation tool, infecting 2.8 million systems worldwide and stealing approximately $1.2 million in virtual assets.

  2. Holiday ColdFusion Exploits: A coordinated attack targeting Adobe ColdFusion was noted over Christmas, exploiting multiple vulnerabilities to conduct widespread attacks across several countries.

  3. Backdoored Android Tablets: Kaspersky reported discovering pre-installed malware called Keenadu on certain Android tablets, allowing remote access for data exfiltration.

  4. AI Jailbreak Community Banned: Reddit shut down the r/ChatGPTJailbreak subreddit, a hub for users attempting to bypass safety filters on AI models, due to violations of platform rules.

  5. macOS Malware: The reemergence of the GlassWorm campaign targeting Apple devices signifies growing interest in exploiting vulnerabilities in the burgeoning cryptocurrency sector.

  6. Meta’s Response to Scammers: Internal documents revealed that Meta created strategies to mislead regulators about scam ads on its platforms, reflecting ongoing scrutiny regarding its handling of fraudulent content.

  7. Unleash Protocol Breach: Unauthorized access through a smart contract led to a loss of $3.9 million in user funds due to a governance flaw.

  8. FTC Settlement with Disney: Disney agreed to a $10 million penalty for violating children’s privacy laws in its YouTube content, following the FTC’s findings.

  9. ErrTraffic ClickFix Toolkit: A new automation tool was discovered that allows attackers to execute click fraud campaigns through fake website glitches.

  10. Evolution of Magecart Campaigns: Recent Magecart activities have shifted towards identity theft techniques, highlighting the changing nature of online theft operations.

  11. Hacktivism and Denial: Analysis points to hacktivist proxy operations as tools for geopolitical advantages without direct state sponsorship, demonstrating a complex interplay of global cyber operations.

  12. OceanLotus Group Targeting Xinchuang: A Chinese cyber threat actor is exploiting initiatives aimed at technological self-sufficiency to distribute malware via phishing attacks.

  13. AWS IAM Vulnerability: Security researchers noted that a flaw in AWS allows attackers to exploit a delay in credential deletion, potentially maintaining access even after deletion.

  14. Emergence of New Proxy Networks: The IPCola proxy network claims to offer a vast pool of IP addresses for malicious use, raising concerns about compromised devices globally.

  15. GhostAd and SkyWalk: New Android adware campaigns have been identified, leveraging deceptive practices to drain device resources while masquerading as legitimate applications.

As 2026 opens, it’s clear that the tactics of cybercriminals are evolving, becoming more intricate and stealthy. The implication is that the cybersecurity community must remain vigilant and adaptable to tackle these nuanced threats effectively.

