Ram and I published a podcast today where we talked about the accidentally leaked zero-day exploit code for a new Windows bug, now called PrintNightmare. We also talked about easily exploitable vulnerabilities in the ProfilePress plugin, previously called WP User Avatar, were patched quickly. An unprotected cloud database containing over 814 million DreamHost user records was found online. Google Chrome is getting a HTTPS-only feature in an upcoming version, and two bugs, one of which is a zero-day, are leading to attackers fighting over control of internet-connected Western Digital My Book Live devices. 

You can find Think Like a Hacker on the Wordfence blog.