Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover
Critical vulnerability in Post SMTP plugin risks full site takeover, over 400k sites use it, and nearly half remain unpatched.…
July 2025
Hackers Breach Toptal’s GitHub, Publish Malicious NPM Packages
Hackers compromised the GitHub account of freelance talent marketplace Toptal, gaining access to their entire repository of software, then injected…
Archaeologists Unearth 6-Foot-Tall Bronze Age Warrior Clutching a Spear
The man, who died roughly 3,800 years ago, may have been a prominent military leader and was buried in an…
Virtual Environments Under Fire: Fire Ant Campaign Breaches VMware Systems
A threat actor, codenamed Fire Ant, has targeted virtualization and networking infrastructure as part of a prolonged cyber-espionage campaign uncovered…
Scattered Spider targets VMware ESXi in using social engineering
Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software…
Comment Now! NIST IR 8374, Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile
Earlier this year, the NIST National Cybersecurity Center of Excellence published an initial public draft of NIST Interagency Report (NIST…
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Picture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate…
Microsoft SharePoint Zero-Day
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries…
Sophos’ Secure by Design 2025 Progress
We are pleased to openly share our pledges and the progress we are making in each of the seven core…
Weekly Update 462
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…