Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.
kcra.com

California EDD wasted over $4.6 million in state funds on unused mobile devices, audit finds

SILVESTRI ALLEGEDLY SET UP THE MEETING. THE CALIFORNIA STATE AUDITOR HAS RELEASED AN ANNUAL REPORT OF GOVERNMENT WASTE AND AMONG ITS FINDINGS, THE STATE’S EMPLOYMENT DEPARTMENT SPENT MILLIONS OF ...
AOL

Should You Cancel Unused Credit Cards? Financial Experts vs. Reddit

What to do with an unwanted credit card? A thread in Reddit's r/personalfinance subreddit recently reignited a debate that's been circling personal finance forums for years: Should you cancel unused ...
The Mirror

HMRC 'unused allowance' alert as deadline and rule change ahead

With less than a month remaining until the end of the HMRC tax year and numerous new policies taking effect alongside resetting limits, a finance expert has cautioned that millions of Britons risk ...
Sacramento Bee

CA agency wasted $4.6 million on thousands of unused cellphones, state audit finds

The state’s Employment Development Department wasted at least $4.6 million buying more than 6,200 cellphones amid the COVID-19 pandemic that the department didn’t use for months, the California State ...