"Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 July 2025, 2227 UTC.

Content and Source:  Data compiled by https://feedly.com.

 https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

254

Most popular

Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks

Account Manipulation (Enterprise T1098)

•

42BleepingComputer / 4h

More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. [...]

Congress tries to outlaw AI that jacks up prices based on what it knows about you

The Register – Security / 9h

Surveillance-based pricing? Two lawmakers say enough Two Democratic members of Congress, Greg Casar (D-TX) and Rashida Tlaib (D-MI,) have introduced legislation in the US House of Representatives to ban the use of AI surveillance to set prices and wages.…

How logic can help AI models tell more truth, according to AWS

ZDNet | Security / 11h

Linking AI models to formal verification methods can correct LLM shortcomings such as false assertions. Amazon's Byron Cook explains the promise of automated reasoning.

Today

Allianz Life confirms data breach impacts majority of 1.4 million customers

5 TTPs

•

36BleepingComputer / 4h

•

Allianz Life data breach

Insurance company Allianz Life has confirmed that the personal information for the "majority" of its 1.4 million customers was exposed in a data breach that occurred earlier this month. [...]

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

15 TTPs

•

Security Affairs / 8h

•

BlackSuit ransomware sites seized worldwide

An international law enforcement operation seized the dark web data leak site of the BlackSuit ransomware group. A banner on the BlackSuit ransomware group’s TOR data leak sites informs visitors that they were seized by U.S. Homeland Security Investigations in a global law enforcement operation. The notice features logos of 17 law enforcement agencies and cybersecurity firm Bitdefender. The Black

Blame a leak for Microsoft SharePoint attacks, researcher insists

2 TTPs

•

The Register – Security / 10h

MAPP program to blame? A week after Microsoft told the world that its July software updates didn't fully fix a couple of bugs, which allowed miscreants to take over on-premises SharePoint servers and remotely execute code, researchers have assembled much of the puzzle — with one big missing piece.…

Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

Arizona woman sentenced North Korea fraud

•

Security Affairs / 12h

Arizona woman gets 8 years for helping North Korea-linked threat actors to infiltrate 309 U.S. firms with fake IT jobs. Christina Marie Chapman (50) from Arizona, was sentenced to 102 months in prison for aiding North Korean IT workers in infiltrating 309 U.S. companies. She pleaded guilty to charges including aggravated identity theft, conspiracy to defraud the U.S., and conspiracy to commit mon

OpenAI teases imminent GPT-5 launch. Here's what to expect

OpenAI tests new advanced models

•

ZDNet | Security / 12h

Another day, another model.

Yesterday

8 smart home gadgets that instantly upgraded my house (and why they work)

ZDNet | Security / 13h

I test plenty of smart home devices, but I only keep a few favorites that I'd thoroughly recommend. Read on to find out which ones.

I ran with the Apple Watch and Samsung Watch 8 - here's the better AI coach

Samsung Galaxy Watch 8 Running Coach

•

ZDNet | Security / 15h

Apple and Samsung each offer an AI-powered running coach in their flagship smart watches. I put them both to the test.

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

13 TTPs

•

Security Affairs / 1d

•

Russian aerospace targeted by EAGLET malware

Operation CargoTalon targets Russia’s aerospace and defense sectors with EAGLET malware, using TTN documents to exfiltrate data. SEQRITE Labs researchers uncovered a cyber-espionage campaign, dubbed Operation CargoTalon, targeting Russia’s aerospace and defense sectors, specifically Voronezh Aircraft Production Association (VASO), via malicious TTN documents. “Товарно-транспортная накладная” (TTN

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

4 TTPs

•

Security Affairs / 1d

•

CVE-2025-7742

Hundreds of LG LNV5110R cameras are affected by an unpatched auth bypass flaw that allows hackers to gain admin access. US Cybersecurity and Infrastructure Security Agency warns that hundreds of LG LNV5110R cameras are impacted by an unpatched authentication bypass vulnerability. The flaw, tracked as CVE-2025-7742 (CVSS score of 8.3), can allow attackers to gain admin access. The vulnerability wa

Cyber Career Opportunities: Weighing Certifications vs. Degrees

Dark Reading / 1d

Longtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.

Amazon AI coding agent hacked to inject data wiping commands

Hacker injects destructive commands into Amazon Q

•

100+BleepingComputer / 1d

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. [...]

'Fire Ant' Cyber Spies Compromise Siloed VMware Systems

Dark Reading / 1d

Suspected China-nexus threat actors targeted virtual environments and used several tools and techniques to bypass security barriers and reach isolated portions of victims' networks.

Senator to Google: Give us info from telco Salt Typhoon probes

Senator requests Salt Typhoon security details

•

The Register – Security / 1d

AT&T and Verizon refused to hand over the security assessments, says Cantwell US Senator Maria Cantwell (D-WA) has demanded that Google-owned incident response firm Mandiant hand over the Salt Typhoon-related security assessments of AT&T and Verizon that, according to the lawmaker, both operators have thus far refused to give Congress.…

UK Online Safety Act: Is the Day of Reckoning for Adult Websites a Wake-up Call for Games and XR Studios?

IT Security Guru / 1d

Today, the UK’s Online Safety Act enters a new phase of enforcement and media attention is riveted on the adult content industry. Age assurance is not only required, but now actively policed, with Ofcom empowered to block access and impose fines up to £18M or 10% of global revenue. This change is not gradual. The industry has mobilised with urgency, with 1,300 UK adult websites having deployed so

AI-Generated Linux Miner 'Koske' Beats Human Malware

AI malware hides in panda images

•

Dark Reading / 1d

AI malware is becoming less of a gimmick, with features that meet or exceed what traditional human-developed malware typically can do.

Microsoft investigates outage affecting Microsoft 365 admin center

56BleepingComputer / 1d

Microsoft is investigating an ongoing outage blocking Microsoft 365 administrators with business or enterprise subscriptions from accessing the admin center. [...]

North Korea's IT Worker Rampage Continues Amid DoJ Action

Dark Reading / 1d

Arrests and indictments keep coming, but the North Korean fake IT worker scheme is only snowballing, and businesses can't afford to assume their applicant-screening processes are up to the task of weeding the imposters out.

Microsoft gives Copilot a face - here's how to try your new Appearance chat buddy

Microsoft personalizes AI with virtual presence

•

ZDNet | Security / 1d

Available now for Copilot Labs testers, Appearance can smile, nod, and even raise an eyebrow during your voice conversations.

The role of the cybersecurity PM in incident-driven development

BleepingComputer / 1d

From PowerShell abuse to USB data theft, modern threats hit fast—and hard.vSee how security-minded PMs are responding with real-time controls, smarter policies, and tools like ThreatLocker Patch Management. [...]

Google's new AI tool Opal turns prompts into apps, no coding required

Google Labs launches Opal AI mini apps

•

ZDNet | Security / 1d

The Google Labs tool enables developers to create apps using natural language prompts and interactive visual aids.

These AR swim goggles I tested have all the relevant metrics (and no subscription)

ZDNet | Security / 1d

Form's Smart Swim 2 Pro AR goggles are made with Gorilla Glass 3 and an anti-fog solution, but it's the advanced coaching features that helped me swim faster.

Google's new Search mode puts classic results back on top - how to access it

Google introduces AI-organized search results

•

ZDNet | Security / 1d

Web Guide makes it a lot easier to target your search to a concentrated area of a topic.

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm

US sanctions North Korean IT schemes

•

28The Hacker News / 1d

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company (aka Sobaeksu United Corporation), and Kim Se Un, Jo

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

IoC > 2 domains

•

33The Hacker News / 1d

•

13 TTPs

•

Dropping Elephant targets Turkish defense

The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a five-stage execution chain delivered via malicious LNK files disguised as conference invitations sent to targets interested in learning more about unmanned vehicle systems," Arctic Wolf Labs said

Trump's AI plan says a lot about open source - but here's what it leaves out

ZDNet | Security / 1d

The AI Action Plan pretty much frees up AI companies to do what they want, but it also supports the use of open source for AI. What that means is one big open question.

Freelance dev shop Toptal caught serving malware after GitHub account break-in

3 TTPs

•

The Register – Security / 1d

•

Toptal GitHub breach malware packages

Malicious code lurking in over 5,000 downloads, says Socket researcher Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems and began distributing malware through developer accounts.…

The Dell laptop I recommend to most college students is $350 off at Best Buy

ZDNet | Security / 1d

Dell's Inspiron 14 Plus boasts solid hardware and a long-lasting battery, making it perfect for long days.

Why Security Nudges Took Off

Dark Reading / 1d

Nudges can be powerful — but they are not immune to overuse or misapplication.

How to sync passkeys in Chrome across your PC, Mac, iPhone, or Android

ZDNet | Security / 1d

With Google's Password Manager, you're able to save and sync passkeys in Chrome across a range of devices.

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

IoC > 1 IP

•

28The Hacker News / 1d

•

11 TTPs

Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 (short for Unknown Group 901). "The campaign is aimed at targeting employees of Voronezh Aircraft Production Association (VASO), one

In Other News: $30k Google Cloud Build Flaw, Louis Vuitton Breach Update, Attack Surface Growth

Louis Vuitton data breach impacts thousands

•

SecurityWeek / 1d

Noteworthy stories that might have slipped under the radar: Google Cloud Build vulnerability earns researcher big bounty, more countries hit by Louis Vuitton data breach, organizations’ attack surface is increasing. The post appeared first on SecurityWeek .

The Young and the Restless: Young Cybercriminals Raise Concerns

Dark Reading / 1d

National governments warn that many hacker groups attract young people through a sense of community, fame, or the promise of money and the perception of a lack of risk of prosecution.

Microsoft admits it 'cannot guarantee' data sovereignty

Microsoft faces data sovereignty challenges

•

37The Register – Security / 1d

Under oath in French Senate, exec says it would be compelled – however unlikely – to pass local customer info to US admin Microsoft says it "cannot guarantee" data sovereignty to customers in France – and by implication the wider European Union – should the Trump administration demand access to customer information held on its servers.…

I got ChatGPT Agent to deliver a truly useful report - and then NotebookLM took it to the next level

ZDNet | Security / 1d

Can ChatGPT Agent and NotebookLM actually do real work together? I tested them on a cloud storage comparison project. The result was surprisingly impressive.

US sanctions North Korean firm, nationals behind IT worker schemes

US sanctions North Korean IT schemes

•

21BleepingComputer / 1d

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People's Republic of Korea (DPRK) government. [...]

Can Security Culture Be Taught? AWS Says Yes

Dark Reading / 1d

Newly appointed Amazon Web Services CISO Amy Herzog believes security culture goes beyond frameworks and executive structures. Having the right philosophy throughout the organization is key.

Mitel Patches Critical Flaw in Enterprise Communication Platform

SecurityWeek / 1d

An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system. The post appeared first on SecurityWeek .

Sophisticated Koske Linux Malware Developed With AI Aid

AI malware hides in panda images

•

SecurityWeek / 1d

The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity. The post appeared first on SecurityWeek .

Woman gets 8 years for aiding North Koreans infiltrate 300 US firms

Arizona woman sentenced North Korea fraud

•

50BleepingComputer / 1d

Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies. [...]

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

IoC > 1 domain

•

68The Hacker News / 1d

•

14 TTPs

•

Malware targets cloud cryptomining campaigns

Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively. Soco404 "targets both Linux and Windows systems, deploying platform-specific malware," Wiz

Overcoming Risks from Chinese GenAI Tool Usage

48The Hacker News / 1d

A recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds of instances in which sensitive data was uploaded to platforms hosted in China, raising concerns over compliance, data

Koske, a new AI-Generated Linux malware appears in the threat landscape

9 TTPs

•

Security Affairs / 1d

•

AI malware hides in panda images

Koske is a new Linux malware designed for cryptomining, likely developed with the help of artificial intelligence. Koske is a new Linux AI-generated malware that was developed for cryptomining activities. Aquasec researchers reported that the malicious code uses rootkits and polyglot image file abuse to evade detection. Attackers exploit a misconfigured server to drop backdoors and download two J

Advisor to Brit tech contractors Qdos confirms client data leak

The Register – Security / 1d

Policy management not affected, but some personal data may have been snaffled Updated Business insurance and employment status specialist Qdos has confirmed that an intruder has stolen some customers personal data, according to a communication to tech contractors that was seen by The Register .…

Microsoft lifts Windows 11 update block for Easy Anti-Cheat users

55BleepingComputer / 1d

Microsoft has removed a compatibility hold that prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update because of a known issue that triggers restarts with blue screen of death (BSOD) errors. [...]