Over 5,000 WordPress websites globally have been breached in a new attack campaign that creates fake admin accounts and injects malicious plugins to steal data. It is unclear how the websites were initially compromised. A security report has prompted web admins to use firewalls and other systems, scrutinize privileged accounts and plugins, and strengthen cross-site request forgery defenses. The use of multi-factor authentication was also recommended.

NHS suppliers required to meet robust measures under Cyber Bill
The UK government has released its Cyber Security and Resilience Bill plans, seeking to bolster public service cyber defences, especially for the NHS. The legislation,