Meta’s recovery plan needed re... Note

Meta’s recovery plan needed recovery.

Meta's recent bug in a support tool inadvertently exposed over 20,000 Instagram accounts. CISA has issued a warning about active attacks targeting a vulnerability in SolarWinds Serv-U software. WordPress sites are also at risk due to the exploitation of a widely used plugin. A new variant of the Gafgyt botnet has emerged, expanding its malicious reach. Threat actors known as "Pink" are stealing cloud data using vishing and legitimate tools. Allegations have surfaced accusing IBM and AT&T of concealing hacks. Separately, a dark web drug dealer received a sentence of over 26 years. Tim Starks discussed ongoing debates regarding staffing and budget cuts at CISA. NATO recently participated in a cyber attack simulation where Ukraine acted as the adversary. The CyberWire Daily podcast is produced by N2K Networks.