![Cybersecurity News | Daily Recap [17 Jan 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [17 Jan 2026]")
Daily Recap, Gootloader now uses 1,000-part ZIP archives to evade detection and deliver payloads, while the Kimwolf botnet has infected roughly 2 million devices. Daily Recap, DeadLock leverages Polygon smart contracts to rotate proxies and obscure infrastructure, with further coverage on Modular DS WordPress exploits, AWS CodeBuild misconfigurations, StackWarp on AMD processors, Reprompt attacks against Microsoft Copilot, RedVDS seizures, Grubhub breach, and leadership shifts around the RSA Conference. #Gootloader #DeadLock
Malware & Botnets
- Stealthy loader Gootloader now uses 1,000-part ZIP archives to evade detection and deliver payloads β Gootloader ZIP
- Fast-growing Kimwolf botnet has infected roughly 2M devices, alarming security researchers about its rapid spread β Kimwolf Rise
- Ransomware DeadLock leverages Polygon smart contracts for proxy rotation to obscure infrastructure and evade takedown β DeadLock Polygon
Vulnerabilities & Exploits
- Critical WordPress Modular DS plugin flaw is being actively exploited to gain admin access β Modular DS, Modular DS
- Misconfigured AWS CodeBuild pipelines exposed private GitHub repositories, opening risks for supply-chain attacks β AWS CodeBuild
- New βStackWarpβ attack threatens confidentiality of VMs on AMD processors, raising cloud isolation concerns β StackWarp AMD
AI Risks & Defenses
- Researchers reveal a βRepromptβ attack that enables single-click exfiltration from Microsoft Copilot, silently siphoning data β Reprompt Attack, Reprompt Attack
- AI agents easily execute SQLi but fail on security controls in testing, underscoring automation risk tradeoffs β Vibe Coding
- Startup isVerified emerges with voice deepfake detection apps to combat synthetic audio threats β isVerified Launch
Incidents & Enforcement
- Microsoft seized infrastructure linked to the cybercrime marketplace RedVDS, disrupting a fast-growing criminal service β RedVDS Seizure
- Food delivery firm Grubhub confirms hackers stole customer data in a recent security breach β Grubhub Breach
- Anchorage Police Department took servers offline after a cyberattack on a third-party service provider, impacting operations β Anchorage Attack
Policy, Partnerships & Leadership
- Germany and Israel deepen cybersecurity ties with a new pact to boost cooperation, knowledge exchange, and joint cyber-defense development β Germany-Israel
- Sources say DHS is finalizing a replacement for the disbanded critical-infrastructure security council to reshape oversight and stakeholder coordination β DHS Replacement
- Chinese hackers are targeting βhigh valueβ North American critical infrastructure, per Cisco Talos reporting β China Targeting
- NSA/Cyber Command nominee defended his record during a Senate hearing amid scrutiny over cyber policy and readiness β NSA Nominee
- Jen Easterly will lead ambitious expansion plans for the RSA Conference, signaling strategic shifts for the event β Jen Easterly
Industry & Market
- Depthfirst raised $40 Million to scale its vulnerability-management platform and services β Depthfirst Raise
- Google rolls out the option to change your @gmail.com address, adding account-name flexibility for users β Gmail Change
- Security leaders stress practical priorities over predictions for 2026, focusing on resilience, supply-chain security, and automation controls β 2026 Priorities