BleepingComputer.com

"Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 July 2025, 1507 UTC.

Content and Source:  "BleepingComputer.com."

URL-- https://www.bleepingcomputer.com/

Please check URL or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

atest Articles

• 
   
  Security

  Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks

  More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account.

  • Bill Toulas
   
  • July 26, 2025
   
  • 10:17 AM
   
  •  0
• 
   
  Deals

  Boost productivity with 1min.AI’s countless AI tools for life, now just $80

  Instead of bouncing between multiple tools or wasting time on repetitive tasks, 1min.AI offers a single, streamlined productivity solution—and for a limited time, you can get lifetime access to the Advanced Business Plan for just $79.97 (reg. $540).

  • BleepingComputer Deals
   
  • July 26, 2025
   
  • 08:12 AM
   
  •  0
• 
   

  How to conduct an AI risk assessment [Free Guide] 

  Shadow AI is growing fast. Stay one step ahead.

  Learn how to take a scalable approach to AI risk assessments so you can safeguard your org's proprietary data without blocking innovation.

  • Nudge Security Sponsorship
• 
   
  Security, Artificial Intelligence

  Amazon AI coding agent hacked to inject data wiping commands

  A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code.

  • Bill Toulas
   
  • July 25, 2025
   
  • 04:43 PM
   
  •  0
• 
   
  Microsoft

  Microsoft investigates outage affecting Microsoft 365 admin center

  Microsoft is investigating an ongoing outage blocking Microsoft 365 administrators with business or enterprise subscriptions from accessing the admin center.

  • Sergiu Gatlan
   
  • July 25, 2025
   
  • 02:49 PM
   
  •  1
• 
   
  Security

  The role of the cybersecurity PM in incident-driven development

  From PowerShell abuse to USB data theft, modern threats hit fast—and hard.vSee how security-minded PMs are responding with real-time controls, smarter policies, and tools like ThreatLocker Patch Management.

  • ThreatLocker
   
  • July 25, 2025
   
  • 10:01 AM
   
  •  0
• 
   
  Security, Legal

  US sanctions North Korean firm, nationals behind IT worker schemes

  The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People's Republic of Korea (DPRK) government.

  • Bill Toulas
   
  • July 25, 2025
   
  • 08:40 AM
   
  •  0
• 
   
  Security

  Woman gets 8 years for aiding North Koreans infiltrate 300 US firms

  Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies.

  • Sergiu Gatlan
   
  • July 25, 2025
   
  • 07:41 AM
   
  •  0
• 
   
  Deals

  Get this open-box touchscreen ASUS 2-in-1 Chromebook for $170 in this deal

  If you're looking for a sleek, powerful, and lightweight laptop that won't wreck your budget, take a longer look at the ASUS Chromebook CM30. For a limited time, you can grab this new, open-box 2-in-1 for just $169.99 (regularly $329.99) — and yes, shipping is free.

  • BleepingComputer Deals
   
  • July 25, 2025
   
  • 07:09 AM
   
  •  0
• 
   
  Microsoft

  Microsoft lifts Windows 11 update block for Easy Anti-Cheat users

  Microsoft has removed a compatibility hold that prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update because of a known issue that triggers restarts with blue screen of death (BSOD) errors.

  • Sergiu Gatlan
   
  • July 25, 2025
   
  • 06:11 AM
   
  •  0
• 
   
  Security

  BlackSuit ransomware extortion sites seized in Operation Checkmate

  Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years.

  • Sergiu Gatlan
   
  • July 24, 2025
   
  • 05:34 PM
   
  •  0
• 
   
  Artificial Intelligence, Technology

  OpenAI confirms ChatGPT Agent is now rolling out for $20 Plus users

  ChatGPT Agent is now rolling out to users with $20 Plus subscription, but OpenAI warns that it will take a few days for the rollout to finish.

  • Mayank Parmar
   
  • July 24, 2025
   
  • 04:59 PM
   
  •  0
• 
   
  Security, CryptoCurrency, Linux

  New Koske Linux malware hides in cute panda images

  A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory.

  • Bill Toulas
   
  • July 24, 2025
   
  • 04:54 PM
   
  •  2
• 
   
  Deals

  Ditch subscriptions: Get SwifDoo PDF Pro for life at just $30 in this deal

  Powerful PDF editors are usually expensive or buried behind monthly subscriptions. That's what makes this deal on SwifDoo PDF Pro such a standout. For a limited time, you can get a perpetual lifetime license for just $29.97 (reg. $129).

  • BleepingComputer Deals
   
  • July 24, 2025
   
  • 02:10 PM
   
  •  0
• 
   
  Security, Gaming

  Hacker sneaks infostealer malware into early access Steam game

  A threat actor called EncryptHub has compromised a game on Steam to distribute info-stealing malware to unsuspecting users downloading the title.

  • Bill Toulas
   
  • July 24, 2025
   
  • 12:49 PM
   
  •  1
• 
   
  Security

  Mitel warns of critical MiVoice MX-ONE authentication bypass flaw

  Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform.

  • Sergiu Gatlan
   
  • July 24, 2025
   
  • 11:17 AM
   
  •  0
• 
   
  Security

  Hackers breach Toptal GitHub account, publish malicious npm packages

  Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index.

  • Bill Toulas
   
  • July 24, 2025
   
  • 09:26 AM
   
  •  1
• 
   
  Security

  SonicWall urges admins to patch critical RCE flaw in SMA 100 devices

  SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution.

  • Sergiu Gatlan
   
  • July 24, 2025
   
  • 07:17 AM
   
  •  0
• 
   
  Deals

  Prep for Microsoft Azure certifications at home for $30 in this course deal

  The 2025 Microsoft Azure Architect & Administrator Exam Certification Prep Bundle gives you the flexibility to learn everything you need to pass Microsoft Azure exams — from the comfort of your home. And lifetime access is on sale for just $29.97.

  • BleepingComputer Deals
   
  • July 24, 2025
   
  • 07:09 AM
   
  •  0
• 
   
  Security, Microsoft

  Microsoft: SharePoint flaws exploited in Warlock ransomware attacks

  A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain.

  • Sergiu Gatlan
   
  • July 24, 2025
   
  • 05:53 AM
   
  •  0
• 
   
  Security, Microsoft

  Brave blocks Windows Recall from screenshotting your browsing activity

  Brave Software says its privacy-focused browser will block Microsoft's Windows Recall from capturing screenshots of Brave windows by default to protect users' privacy.

  • Lawrence Abrams
   
  • July 23, 2025
   
  • 06:42 PM
   
  •  2

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

View More