Cybersecurity News from Across the Internet
A supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that’s designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. “The actor creates a malformed archive as an anti-analysis technique,” Expel security researcher Aaron Walton said in a report shared with The Hacker News. “That … Read More “GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection – The Hacker News” »
Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. “The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete account – Read More … Read More “Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts – The Hacker News” »
A federal court has thrown out a lawsuit brought by the Trump administration attempting to force the state of California to turn over sensitive voter data. The decision, issued by the U.S. Central District Court of Southern California, is a major setback to the federal government’s massive data collection effort on American voters, and its … Read More “Federal court dismisses Trump DOJ lawsuit seeking California voter data – CyberScoop” »
Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. “The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete account – Read More … Read More “Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts – The Hacker News” »
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment – Read More –
Dutch police arrest the alleged AVCheck operator at Schiphol as part of Operation Endgame, a global effort targeting malware services and cybercrime. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025 – Read More –
Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE. The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive (“US now deciding what’s next … Read More “LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing – The Hacker News” »
You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post on social media. But what about the information about you that’s already out there—without your permission? Your name. Home address. Phone number. Past jobs. Family members. Old usernames. It’s all still online, and it’s a lot easier to … Read More “Your Digital Footprint Can Lead Right to Your Front Door – The Hacker News” »
Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet – Read More –
A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted … Read More “China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure – The Hacker News” »
Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month after the company disclosed that it had been exploited as a zero-day by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686. The vulnerability, tracked … Read More “Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways – The Hacker News” »
A Cybersecurity and Infrastructure Security Agency tool dedicated to helping government agencies buy secure software turned out to have a cybersecurity vulnerability of its own. Jeff Williams, the former leader of the Open Worldwide Application Security Project (OWASP), told CyberScoop that he discovered a cross-site scripting vulnerability in CISA’s “Software Acquisition Guide: Supplier Response Web … Read More “CISA’s secure-software buying tool had a simple XSS vulnerability of its own – CyberScoop” »
The post Trump’s cyber chief pick tells lawmakers he’ll assess efficacy of Cybercom-NSA dual-hat role, if confirmed appeared first on CyberScoop. – Read More – CyberScoop
Hackread.com exclusive: Scammers are using verified PayPal invoices to launch callback phishing attacks. Learn how the “Alexzander” invoice bypasses Google filters. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible … Read More “AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks – The Hacker News” »
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible … Read More “AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks – The Hacker News” »
Researchers uncover a 5-year malware campaign using browser extensions on Chrome, Firefox and Edge, relying on hidden payloads and shared infrastructure. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
We can no longer say that artificial intelligence is a “future risk”, lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today. That’s not just my opinion, that’s also the message that comes loud and clear from the World Economic Forum’s newly-published “Global … Read More “WEF: AI overtakes ransomware as fastest-growing cyber risk – GRAHAM CLULEY” »
McLean, Virginia, United States, 15th January 2026, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like Microsoft Copilot in a single click, while bypassing enterprise security controls entirely. “Only a single click on a legitimate Microsoft link is required to compromise victims,” Varonis security … Read More “Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot – The Hacker News” »
A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 (CVSS score: 10.0), has been described as a case of unauthenticated privilege escalation impacting all versions of the plugin prior to and including 2.5.1. It has been patched … Read More “Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access – The Hacker News” »
New York, United States, 15th January 2026, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data – Read More –
CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments – Read More –
Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report – Read More –
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack – Read More –
The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave … Read More “ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories – The Hacker News” »
Americans are being taught to trust propaganda. Often, it’s not intentional. A classic bit of advice for separating propaganda from real research is “Check the citations.” If the sources support the analysis, the material can be trusted. But AI is changing the rules of the game. In December, the White House announced new guidance to … Read More “The quiet way AI normalizes foreign influence – CyberScoop” »
Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale – sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked for. And we dig into Grok, Elon Musk’s AI chatbot, after it started generating sexualised images of women and children – raising … Read More “Smashing Security podcast #450: From Instagram panic to Grok gone wild – GRAHAM CLULEY” »
IANS Research reveals a growth in executive-level CISO titles, amid resource challenges – Read More –
Over 387,000 users downloaded vulnerable Apache Struts versions this week. Exclusive Sonatype research reveals a high-risk flaw found by AI. Is your system at risk? – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
As AI copilots and assistants become embedded in daily work, security teams are still focused on protecting the models themselves. But recent incidents suggest the bigger risk lies elsewhere: in the workflows that surround those models. Two Chrome extensions posing as AI helpers were recently caught stealing ChatGPT and DeepSeek chat data from over 900,000 … Read More “Model Security Is the Wrong Frame – The Real Risk Is Workflow Security – The Hacker News” »
Silver Spring, Maryland, 15th January 2026, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
ANY.RUN report reveals how the new CastleLoader malware targets US government agencies using stealthy ClickFix tricks and memory-based attacks to bypass security. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service … Read More “Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers – The Hacker News” »
It’s 2026, yet many SOCs are still operating the way they did years ago, using tools and processes designed for a very different threat landscape. Given the growth in volumes and complexity of cyber threats, outdated practices no longer fully support analysts’ needs, staggering investigations and incident response. Below are four limiting habits that may … Read More “4 Outdated Habits Destroying Your SOC’s MTTR in 2026 – The Hacker News” »
ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges – Read More –
DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security – Read More –
Palo Alto Networks has released security updates for a high-severity security flaw impacting GlobalProtect Gateway and Portal, for which it said there exists a proof-of-concept (PoC) exploit. The vulnerability, tracked as CVE-2026-0227 (CVSS score: 7.7), has been described as a denial-of-service (DoS) condition impacting GlobalProtect PAN-OS software arising as a result of an improper check … Read More “Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login – The Hacker News” »
Microsoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that … Read More “Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud – The Hacker News” »
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Bridge is a creative asset manager that lets you preview, organize, edit, and publish multiple creative assets quickly and easily. Adobe Dreamweaver is a web design integrated development environment (IDE) that is used to develop … Read More “Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
One only has to read the daily newsfeeds to see how drastic digital financial crime is around the world. South Africa is particularly vulnerable. It’s been reported that around 70% of South Africans have been victims of some form of cybercrime as compared to the global rate of 50%. South Africa has not only maintained … Read More “South Africa Facing Continued Financial Fraud Crime Wave – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »
Posted by Matteo Beccati on Jan 14 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2026-001 ———————————————————————— https://www.revive-adserver.com/security/revive-sa-2026-001 ———————————————————————— Date: 2026-01-14 Risk Level: High Applications affected: Revive… – Read More – Full Disclosure
In modern enterprises, data is not a fixed resource that can be assigned to a particular system or department…. The post Understanding the enterprise data lifecycle appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The Kimwolf botnet, which splintered off from the record-setting Aisuru DDoS botnet in August, gained the widespread attention of security researchers when it temporarily claimed the top spot in Cloudflare’s global domain rankings in late October 2025. Within weeks it spread like a wildfire, eventually taking over more than 2 million unofficial Android TV devices, … Read More “Kimwolf botnet’s swift rise to 2M infected devices agitates security researchers – CyberScoop” »
The Department of Homeland Security is finalizing plans for a new body that would replace the functions of the Critical Infrastructure Partnership Advisory Council (CIPAC) and serve as a communications hub between industry and government to discuss ongoing threats to U.S. critical infrastructure, including from cyber attacks. Under previous administrations, CIPAC served as a nerve … Read More “Sources: DHS finalizing replacement for disbanded critical infrastructure security council – CyberScoop” »
The Department of Homeland Security is finalizing plans for a new body that would replace the functions of the Critical Infrastructure Partnership Advisory Council (CIPAC) and serve as a communications hub between industry and government to discuss ongoing threats to U.S. critical infrastructure, including from cyber attacks. Under previous administrations, CIPAC served as a nerve … Read More “Sources: DHS finalizing replacement for disbanded critical infrastructure security council – CyberScoop” »
A successful e-commerce platform requires more than just a good-looking design. Security, stability, speed, and scalability are key… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
![[REVIVE-SA-2026-001] Revive Adserver Vulnerabilities – Full Disclosure](https://attackfeed.com/wp-content/uploads/2026/01/fulldisclosure-img-PLFPMy.webp)
