Below I’ve curated cyber security news from the world-wide-web – the lefthand column is from “The Hacker News” website and on the right is news from “Security Week”. Both are top cyber security news sites. In the very least this shows that threats are daily and they are very real.
Hacker News
- Microsoft Secures MSA Signing with Azure...by info@thehackernews.com (The Hacker News) on April 22, 2025 at 7:38 am
Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it […]
- Lotus Panda Hacks SE Asian Governments With...by info@thehackernews.com (The Hacker News) on April 22, 2025 at 4:29 am
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a […]
- Kimsuky Exploits BlueKeep RDP Vulnerability to...by info@thehackernews.com (The Hacker News) on April 21, 2025 at 4:42 pm
Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the […]
- SuperCard X Android Malware Enables Contactless...by info@thehackernews.com (The Hacker News) on April 21, 2025 at 3:13 pm
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to […]
- 5 Reasons Device Management Isn't Device Trustby info@thehackernews.com (The Hacker News) on April 21, 2025 at 11:25 am
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more complex. For this article, […]
- ⚡ THN Weekly Recap: iOS Zero-Days, 4Chan...by info@thehackernews.com (The Hacker News) on April 21, 2025 at 10:10 am
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red […]
- Hackers Abuse Russian Bulletproof Host Proton66...by info@thehackernews.com (The Hacker News) on April 21, 2025 at 7:01 am
Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations […]
- APT29 Deploys GRAPELOADER Malware Targeting...by info@thehackernews.com (The Hacker News) on April 20, 2025 at 4:58 am
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. "While the improved WINELOADER variant is […]
- Rogue npm Packages Mimic Telegram Bot API to...by info@thehackernews.com (The Hacker News) on April 19, 2025 at 3:11 pm
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below - node-telegram-utils (132 downloads) […]
- ASUS Confirms Critical Flaw in AiCloud Routers;...by info@thehackernews.com (The Hacker News) on April 19, 2025 at 8:52 am
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0. "An improper […]
WordPress News
- WordPress Jubileeby Matt Mullenweg on April 22, 2025 at 2:07 am
As I said, we’re dropping all the human blocks. Community guidelines, directory guidelines, and such will need to be followed going forward, but whatever blocks were in place before are now cleared. It may take a few days, but any pre-existing blocks are considered bugs to be fixed.
- WordPress 6.8 “Cecil”by Jeffrey Paul on April 15, 2025 at 5:00 pm
WordPress 6.8, code-named “Cecil,” refines your creative workflow with a streamlined Style Book, now available in select Classic themes. Enjoy faster navigation via speculative loading, stronger security with bcrypt password hashing, and over 100 accessibility improvements. With thoughtful […]
- WordCamp Europe 2025: Sali, Basel!by Brett McSherry on April 14, 2025 at 7:16 pm
WordCamp Europe 2025 will be held in gorgeous Basel, Switzerland, from June 5 to 7. It will bring together open source enthusiasts, developers, and WordPress professionals from across the region—and the world! This year’s event offers fresh perspectives, engaging conversations, and countless […]
- WordPress 6.8 Release Candidate 3by Jeffrey Paul on April 8, 2025 at 3:54 pm
WordPress 6.8 RC 3 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing over the next week is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Release Candidate 2by Jonathan Desrosiers on April 1, 2025 at 3:53 pm
The second Release Candidate (“RC2”) for WordPress 6.8 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you […]
- WordPress 6.8 Release Candidate 1by Jeffrey Paul on March 25, 2025 at 4:19 pm
WordPress 6.8 RC 1 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing over the next three weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 3by Jeffrey Paul on March 18, 2025 at 3:35 pm
WordPress 6.8 Beta 3 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next four weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 2by Jeffrey Paul on March 11, 2025 at 3:46 pm
WordPress 6.8 Beta 2 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next five weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- WordPress 6.8 Beta 1by Jeffrey Paul on March 4, 2025 at 5:09 pm
WordPress 6.8 Beta 1 is ready for download and testing! The scheduled final release date for WordPress 6.8 is April 15, 2025. Your help testing Beta and RC versions over the next six weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.
- Shaping Tomorrow at WordCamp Asia 2025by Nicholas Garofalo on February 22, 2025 at 3:04 pm
Over 1,400 attendees from 71 countries gathered at the Philippine International Convention Center in Manila, and nearly 15,000 more joined online, for WordCamp Asia 2025. It’s the people. It’s the friendships and the stories. Matt Mullenweg, WordPress Cofounder The flagship WordPress event […]