Below I’ve curated cyber security news from the world-wide-web – the lefthand column is from “The Hacker News” website and on the right is news from “Security Week”. Both are top cyber security news sites. In the very least this shows that threats are daily and they are very real.
Hacker News
- OttoKit WordPress Plugin Admin Creation...by info@thehackernews.com (The Hacker News) on April 11, 2025 at 4:58 am
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create […]
- Incomplete Patch in NVIDIA Toolkit Leaves...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 2:13 pm
Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check […]
- Malicious npm Package Targets Atomic Wallet,...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 12:58 pm
Threat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries and execute malicious code in what's seen as a sneakier attempt to stage a software supply chain attack. The newly discovered package, named […]
- PlayPraetor Reloaded: CTM360 Uncovers a Play...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 11:25 am
Overview of the PlayPraetor Masquerading Party Variants CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+ URLs of a very specific banking attack has now grown to 16,000+ with multiple variants. This research is ongoing, and much more is […]
- The Identities Behind AI Agents: A Deep Dive Into...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 11:00 am
AI agents have rapidly evolved from experimental technology to essential business tools. The OWASP framework explicitly recognizes that Non-Human Identities play a key role in agentic AI security. Their analysis highlights how these autonomous software entities can make decisions, chain complex […]
- Gamaredon Uses Infected Removable Drives to...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 10:53 am
The Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to deliver an updated version of a known malware called GammaSteel. The group targeted the military mission of a Western country, […]
- Europol Arrests Five SmokeLoader Clients Linked...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 9:55 am
Law enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. "In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as 'Superstar,' faced consequences […]
- AkiraBot Targets 420,000 Sites with...by info@thehackernews.com (The Hacker News) on April 10, 2025 at 7:15 am
Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO. "AkiraBot has […]
- Lovable AI Found Most Vulnerable to VibeScamming...by info@thehackernews.com (The Hacker News) on April 9, 2025 at 2:28 pm
Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to set up lookalike credential harvesting […]
- New TCESB Malware Found in Active Attacks...by info@thehackernews.com (The Hacker News) on April 9, 2025 at 11:38 am
A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver a previously undocumented malware codenamed TCESB. "Previously unseen in ToddyCat attacks, [TCESB] is designed to stealthily execute payloads […]
WordPress News
- WordPress 6.8 Release Candidate 3by Jeffrey Paul on April 8, 2025 at 3:54 pm
WordPress 6.8 RC 3 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing over the next week is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Release Candidate 2by Jonathan Desrosiers on April 1, 2025 at 3:53 pm
The second Release Candidate (“RC2”) for WordPress 6.8 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you […]
- WordPress 6.8 Release Candidate 1by Jeffrey Paul on March 25, 2025 at 4:19 pm
WordPress 6.8 RC 1 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing over the next three weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 3by Jeffrey Paul on March 18, 2025 at 3:35 pm
WordPress 6.8 Beta 3 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next four weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 2by Jeffrey Paul on March 11, 2025 at 3:46 pm
WordPress 6.8 Beta 2 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next five weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 1by Jeffrey Paul on March 4, 2025 at 5:09 pm
WordPress 6.8 Beta 1 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next six weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- Shaping Tomorrow at WordCamp Asia 2025by Nicholas Garofalo on February 22, 2025 at 3:04 pm
Over 1,400 attendees from 71 countries gathered at the Philippine International Convention Center in Manila, and nearly 15,000 more joined online, for WordCamp Asia 2025. It’s the people. It’s the friendships and the stories. Matt Mullenweg, WordPress Cofounder The flagship WordPress event […]
- Report: WordPress in 2025by Noel Tock on February 15, 2025 at 3:19 am
This year is set to be transformative for WordPress, yet many decision-makers risk overlooking the immense opportunities ahead. Our new “WordPress in 2025” report highlights why WordPress should be a cornerstone of your long-term strategy. Stay ahead of the curve—read the report now to see […]
- WordCamp Asia 2025: Manila Magicby Bernard Meyer on February 14, 2025 at 4:04 pm
The first major WordCamp of the year is here! WordCamp Asia 2025 lands in Manila, Philippines, from February 20-22, bringing together open source enthusiasts, developers, and WordPress professionals from across the region—and the world. With three packed days of learning, networking, and […]
- WordPress 6.7.2 Maintenance Releaseby Aaron Jorbin on February 11, 2025 at 4:52 pm
WordPress 6.7.2 is now available! This minor release includes 35 bug fixes, addressing issues affecting multiple components including the block editor, HTML API, and Customize. WordPress 6.7.2 is a short-cycle release. The next major release will be version 6.8 planned for April 15, 2025. If you […]