Below I’ve curated cyber security news from the world-wide-web – the lefthand column is from “The Hacker News” website and on the right is news from “Security Week”. Both are top cyber security news sites. In the very least this shows that threats are daily and they are very real.
Hacker News
- Three Microsoft Defender Zero-Days Actively...
by info@thehackernews.com (The Hacker News) on April 17, 2026 at 1:21 pmHuntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, […]
- Google Blocks 8.3B Policy-Violating Ads in 2025,...
by info@thehackernews.com (The Hacker News) on April 17, 2026 at 10:47 amGoogle this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location […]
- NIST Limits CVE Enrichment After 263% Surge in...
by info@thehackernews.com (The Hacker News) on April 17, 2026 at 7:14 amThe National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE […]
- Operation PowerOFF Seizes 53 DDoS Domains,...
by info@thehackernews.com (The Hacker News) on April 17, 2026 at 5:46 amAn international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted access to the […]
- Apache ActiveMQ CVE-2026-34197 Added to CISA KEV...
by info@thehackernews.com (The Hacker News) on April 17, 2026 at 3:22 amA recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to […]
- Newly Discovered PowMix Botnet Hits Czech Workers...
by info@thehackernews.com (The Hacker News) on April 16, 2026 at 5:52 pmCybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than […]
- ThreatsDay Bulletin: Defender 0-Day, SonicWall...
by info@thehackernews.com (The Hacker News) on April 16, 2026 at 1:05 pmYou know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and […]
- [Webinar] Find and Eliminate Orphaned Non-Human...
by info@thehackernews.com (The Hacker News) on April 16, 2026 at 11:55 amIn 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI […]
- Cisco Patches Four Critical Identity Services,...
by info@thehackernews.com (The Hacker News) on April 16, 2026 at 11:27 amCisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS […]
- Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT...
by info@thehackernews.com (The Hacker News) on April 16, 2026 at 10:20 amA "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and […]
WordPress News
- Celebrating Community at WordCamp Asia 2026
by Brett McSherry on April 11, 2026 at 6:21 pmWordCamp Asia 2026 brought the global WordPress community to Mumbai, India, from April 9–11, gathering contributors, organizers, sponsors, speakers, and attendees at the Jio World Convention Centre for three days of learning, collaboration, and community. With 2,281 attendees, the event reflected […]
- How to Watch WordCamp Asia 2026 Live
by Brett McSherry on April 7, 2026 at 1:57 pmWordCamp Asia 2026 will be available to watch live across three days of streaming, making it easy for the global WordPress community to follow along from anywhere. This year’s live streamed programming begins with a special Contributor Day broadcast, followed by two full conference days of […]
- From AI to Open Source at WordCamp Asia 2026
by Brett McSherry on April 2, 2026 at 4:10 pmApril 9-11, 2026 | Jio World Convention Centre, Mumbai, India WordCamp Asia 2026 brings the WordPress community to Mumbai, India, from April 9 to 11, with a schedule shaped around artificial intelligence, enterprise WordPress, developer workflows, product strategy, and open source collaboration. […]
- WordPress 7.0 Release Candidate 2
by Mary Hubbard on March 26, 2026 at 6:37 pmThe second Release Candidate (“RC2”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you […]
- WP Packages is Working the Way Open Source Shouldby Jonathan Bossenger on March 25, 2026 at 3:27 pm
When WP Engine acquired WPackagist on March 12, the WordPress developer community faced a familiar question: what happens when critical open source infrastructure ends up under corporate control? The community already had an answer in progress. Four days later, WP Packages (formerly WP Composer) […]
- WordPress 7.0 Release Candidate 1by Amy Kamala on March 24, 2026 at 7:32 pm
The first Release Candidate (“RC1”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is still under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended to […]
- WordPress 7.0 Beta 5by Ahmed Kabir Chaion on March 12, 2026 at 3:49 pm
WordPress 7.0 Beta 5 is ready for download and testing! This version of the WordPress software is still under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended to test Beta 5 on a test server and […]
- WordPress 6.9.4 Releaseby John Blackbourn on March 11, 2026 at 3:34 pm
WordPress 6.9.4 is now available WordPress 6.9.2 and WordPress 6.9.3 were released yesterday, addressing 10 security issues and a bug that affected template file loading on a limited number of sites. The WordPress Security Team has discovered that not all of the security fixes were fully applied, […]
- Your Browser Becomes Your WordPress
by Brandon Payton on March 11, 2026 at 1:00 pmFor nearly two decades, WordPress has been known for a simple, powerful idea: that anyone should be able to get online and start creating with minimal friction. The famous five-minute install captured that spirit for an earlier era of the web. Today, we’re introducing my.WordPress.net, a new take […]
- WordPress 6.9.3 and 7.0 beta 4by John Blackbourn on March 10, 2026 at 11:41 pm
WordPress 6.9.2 was released earlier today and addressed 10 security issues. A few users have subsequently reported an issue where the front end of their site was appearing blank after updating to 6.9.2. The issue has been narrowed down to some themes using an unusual approach to loading template […]