An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders.
https://threatpost.com/severe-wordpress-plug-in-updraftplus-bug-threatens-backups/178528/
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
https://threatpost.com/rapid-attacks-extort-ransomware/175445/