Below I’ve curated cyber security news from the world-wide-web – the lefthand column is from “The Hacker News” website and on the right is news from “Security Week”. Both are top cyber security news sites. In the very least this shows that threats are daily and they are very real.
Hacker News
- Europol Shuts Down Six DDoS-for-Hire Services...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 1:54 pm
Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world. In connection with the operation, Polish authorities have arrested four individuals and the United States has seized nine domains that […]
- OttoKit WordPress Plugin with 100K+ Installs Hit...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 1:44 pm
A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version […]
- SysAid Patches 4 Critical Flaws Enabling Pre-Auth...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 11:31 am
Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and […]
- Reevaluating SSEs: A Technical Gap Analysis of...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 10:56 am
Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access. They promise centralized enforcement, simplified connectivity, and consistent policy control across users and devices. But there's a problem: they stop short of where the most […]
- Play Ransomware Exploited Windows CVE-2025-29824...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 10:44 am
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States. The attack, per the Symantec Threat Hunter Team, part of Broadcom, leveraged […]
- Researchers Uncover Malware in Fake Discord PyPI...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 7:37 am
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan. The package in question is discordpydebug, which was uploaded to PyPI on March 21, […]
- NSO Group Fined $168M for Targeting 1,400...by info@thehackernews.com (The Hacker News) on May 7, 2025 at 6:22 am
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting […]
- Hackers Exploit Samsung MagicINFO, GeoVision IoT...by info@thehackernews.com (The Hacker News) on May 6, 2025 at 3:33 pm
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. The activity, first observed by the Akamai Security Intelligence and […]
- New Investment Scams Use Facebook Ads, RDGA...by info@thehackernews.com (The Hacker News) on May 6, 2025 at 1:36 pm
Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity through traffic distribution systems (TDSes). The activity clusters have been codenamed Reckless Rabbit and Ruthless Rabbit by DNS […]
- Third Parties and Machine Credentials: The Silent...by info@thehackernews.com (The Hacker News) on May 6, 2025 at 11:25 am
It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine […]
WordPress News
- WordPress Campus Connect Expandsby Anand Upadhyay on May 7, 2025 at 12:40 pm
WordPress Campus Connect, initially launched in October 2024 as a pilot program, has now been formally established as an official event series due to its resounding success. The inaugural program, spearheaded by myself, Anand Upadhyay, garnered immense enthusiasm from 400 Indian students who were […]
- WordPress 6.8.1 Maintenance Releaseby Aaron Jorbin on April 30, 2025 at 5:17 pm
WordPress 6.8.1 is now available! This minor release includes fixes for 15 bugs throughout Core and the Block Editor addressing issues affecting multiple areas of WordPress including the block editor, multisite, and REST API. For a full list of bug fixes, please refer to the release candidate […]
- WordPress Jubileeby Matt Mullenweg on April 22, 2025 at 2:07 am
As I said, we’re dropping all the human blocks. Community guidelines, directory guidelines, and such will need to be followed going forward, but whatever blocks were in place before are now cleared. It may take a few days, but any pre-existing blocks are considered bugs to be fixed.
- WordPress 6.8 “Cecil”by Jeffrey Paul on April 15, 2025 at 5:00 pm
WordPress 6.8, code-named “Cecil,” refines your creative workflow with a streamlined Style Book, now available in select Classic themes. Enjoy faster navigation via speculative loading, stronger security with bcrypt password hashing, and over 100 accessibility improvements. With thoughtful […]
- WordCamp Europe 2025: Sali, Basel!by Brett McSherry on April 14, 2025 at 7:16 pm
WordCamp Europe 2025 will be held in gorgeous Basel, Switzerland, from June 5 to 7. It will bring together open source enthusiasts, developers, and WordPress professionals from across the region—and the world! This year’s event offers fresh perspectives, engaging conversations, and countless […]
- WordPress 6.8 Release Candidate 3by Jeffrey Paul on April 8, 2025 at 3:54 pm
WordPress 6.8 RC 3 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing over the next week is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Release Candidate 2by Jonathan Desrosiers on April 1, 2025 at 3:53 pm
The second Release Candidate (“RC2”) for WordPress 6.8 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you […]
- WordPress 6.8 Release Candidate 1by Jeffrey Paul on March 25, 2025 at 4:19 pm
WordPress 6.8 RC 1 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing over the next three weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 3by Jeffrey Paul on March 18, 2025 at 3:35 pm
WordPress 6.8 Beta 3 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next four weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 2by Jeffrey Paul on March 11, 2025 at 3:46 pm
WordPress 6.8 Beta 2 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next five weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.