Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-15 16:00 PST
- Gootloader now uses 1,000-part ZIP archives for stealthy delivery
BleepingComputer • 2026-01-15 14:54 • www.bleepingcomputer.com
The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection by concatenating up to 1,000 archives. […]
https://www.bleepingcomputer.com/news/security/gootloader-now-uses-1-000-part-zip-archives-for-stealthy-delivery/ - Grubhub confirms hackers stole data in recent security breach
BleepingComputer • 2026-01-15 13:38 • www.bleepingcomputer.com
Food delivery platform Grubhub has confirmed a recent data breach after hackers accessed its systems, with sources telling BleepingComputer the company is now facing extortion demands. […]
https://www.bleepingcomputer.com/news/security/grubhub-confirms-hackers-stole-data-in-recent-security-breach/ - Hackers exploit Modular DS WordPress plugin flaw for admin access
BleepingComputer • 2026-01-15 12:49 • www.bleepingcomputer.com
Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites with admin-level privileges. […]
https://www.bleepingcomputer.com/news/security/hackers-exploit-modular-ds-wordpress-plugin-flaw-for-admin-access/ - Verizon blames nationwide outage on a "software issue"
BleepingComputer • 2026-01-15 12:13 • www.bleepingcomputer.com
Verizon has confirmed that yesterday’s nationwide wireless outage was caused by a software issue, though the company has not shared additional details about what went wrong. […]
https://www.bleepingcomputer.com/news/mobile/verizon-blames-nationwide-outage-on-a-software-issue/ - AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
The Hacker News • 2026-01-15 11:31 • thehackernews.com
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk.
The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible disclosure on
https://thehackernews.com/2026/01/aws-codebuild-misconfiguration-exposed.html - Microsoft Copilot Studio extension for VS Code now publicly available
BleepingComputer • 2026-01-15 11:08 • www.bleepingcomputer.com
Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-copilot-studio-extension-for-vs-code-now-publicly-available/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
