Below I’ve curated cyber security news from the world-wide-web – the lefthand column is from “The Hacker News” website and on the right is news from “Security Week”. Both are top cyber security news sites. In the very least this shows that threats are daily and they are very real.
Hacker News
- New SparkCat Variant in iOS, Android Apps Steals...
by info@thehackernews.com (The Hacker News) on April 3, 2026 at 9:10 amCybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign […]
- Drift Loses $285 Million in Durable Nonce Social...
by info@thehackernews.com (The Hacker News) on April 3, 2026 at 8:35 amSolana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took place on April 1, 2026. "Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable […]
- Hackers Exploit CVE-2025-55182 to Breach 766...
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 7:30 pmA large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. […]
- Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing...
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 3:21 pmCisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked […]
- ThreatsDay Bulletin: Pre-Auth Chains, Android...
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 12:45 pmThe latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week. Things are moving fast. The list includes researchers […]
- Researchers Uncover Mining Operation Using ISO...
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 11:42 amA financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. "Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing […]
- The State of Trusted Open Source Report
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 11:30 amIn December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on […]
- WhatsApp Alerts 200 Users After Fake iOS App...
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 9:51 amMeta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of the targets are located in […]
- Apple Expands iOS 18.7.7 Update to More Devices...
by info@thehackernews.com (The Hacker News) on April 2, 2026 at 7:09 amApple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as DarkSword. "We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with […]
- CERT-UA Impersonation Campaign Spread AGEWHEEZE...
by info@thehackernews.com (The Hacker News) on April 1, 2026 at 4:10 pmThe Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new phishing campaign in which the cybersecurity agency itself was impersonated to distribute a remote administration tool known as AGEWHEEZE. As part of the attacks, the threat actors, tracked as UAC-0255, sent […]
WordPress News
- From AI to Open Source at WordCamp Asia 2026
by Brett McSherry on April 2, 2026 at 4:10 pmApril 9-11, 2026 | Jio World Convention Centre, Mumbai, India WordCamp Asia 2026 brings the WordPress community to Mumbai, India, from April 9 to 11, with a schedule shaped around artificial intelligence, enterprise WordPress, developer workflows, product strategy, and open source collaboration. […]
- WordPress 7.0 Release Candidate 2
by Mary Hubbard on March 26, 2026 at 6:37 pmThe second Release Candidate (“RC2”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you […]
- WP Packages is Working the Way Open Source Shouldby Jonathan Bossenger on March 25, 2026 at 3:27 pm
When WP Engine acquired WPackagist on March 12, the WordPress developer community faced a familiar question: what happens when critical open source infrastructure ends up under corporate control? The community already had an answer in progress. Four days later, WP Packages (formerly WP Composer) […]
- WordPress 7.0 Release Candidate 1by Amy Kamala on March 24, 2026 at 7:32 pm
The first Release Candidate (“RC1”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is still under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended to […]
- WordPress 7.0 Beta 5by Ahmed Kabir Chaion on March 12, 2026 at 3:49 pm
WordPress 7.0 Beta 5 is ready for download and testing! This version of the WordPress software is still under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended to test Beta 5 on a test server and […]
- WordPress 6.9.4 Releaseby John Blackbourn on March 11, 2026 at 3:34 pm
WordPress 6.9.4 is now available WordPress 6.9.2 and WordPress 6.9.3 were released yesterday, addressing 10 security issues and a bug that affected template file loading on a limited number of sites. The WordPress Security Team has discovered that not all of the security fixes were fully applied, […]
- Your Browser Becomes Your WordPress
by Brandon Payton on March 11, 2026 at 1:00 pmFor nearly two decades, WordPress has been known for a simple, powerful idea: that anyone should be able to get online and start creating with minimal friction. The famous five-minute install captured that spirit for an earlier era of the web. Today, we’re introducing my.WordPress.net, a new take […]
- WordPress 6.9.3 and 7.0 beta 4by John Blackbourn on March 10, 2026 at 11:41 pm
WordPress 6.9.2 was released earlier today and addressed 10 security issues. A few users have subsequently reported an issue where the front end of their site was appearing blank after updating to 6.9.2. The issue has been narrowed down to some themes using an unusual approach to loading template […]
- WordPress 6.9.2 Releaseby John Blackbourn on March 10, 2026 at 3:43 pm
WordPress 6.9.2 is now available This is a security release that features several fixes. Because this is a security release, it is recommended that you update your sites immediately. You can download WordPress 6.9.2 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and […]
- WordPress 7.0 Beta 3by Amy Kamala on March 5, 2026 at 2:47 pm
WordPress 7.0 Beta 3 is available for download and testing! This beta version of the WordPress software is still under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, you should evaluate Beta 3 on a test server and […]