{"id":19366,"date":"2025-05-16T13:44:16","date_gmt":"2025-05-16T11:44:16","guid":{"rendered":"https:\/\/kordon.app\/?p=19366"},"modified":"2025-05-16T13:44:16","modified_gmt":"2025-05-16T11:44:16","slug":"13-cybersecurity-news-worth-your-attention-this-week-2-4-may-2025","status":"publish","type":"post","link":"https:\/\/kordon.app\/et\/13-cybersecurity-news-worth-your-attention-this-week-2-4-may-2025\/","title":{"rendered":"13 Cybersecurity News Worth Your Attention This Week (2\/4 May 2025)"},"content":{"rendered":"<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Each week\u00a0I spend hours going throguh 20+ different cybersecurity news sources to find and summarise most interesting news from the week so you can quickly catch up on only the most interesting cyber news quickly.\u00a0<\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>1. UK Government Moves to Replace SMS 2FA With Passkeys<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br><strong>The UK government is phasing out SMS-based two-factor authentication in favor of passkeys for logging into digital services. <\/strong>Passkeys use device-bound cryptographic keys and offer a far more secure and user-friendly alternative to passwords and SMS codes. The National Cyber Security Centre is backing the move, and the UK has formally joined the FIDO Alliance\u2014marking one of the most significant government adoptions of passwordless technology to date.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Passkeys tie your identity to your device, eliminating the need for text codes or passwords altogether.<\/li>\n\n\n\n<li>The system uses asymmetric cryptography and is resistant to phishing, replay attacks, and SIM-swap fraud.<\/li>\n\n\n\n<li>The NCSC plans to mandate FIDO-compliant authentication across government platforms.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Start preparing to support passkeys<\/strong>: If your organization integrates with GOV.UK or plans to, be ready to adopt the FIDO2 standard.<\/li>\n\n\n\n<li><strong>Audit SMS and password-based logins<\/strong> to find opportunities to phase out unsecure SMS 2FA for your services.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.ncsc.gov.uk\/news\/government-adopt-passkey-technology-digital-services\" target=\"_blank\" rel=\"noopener\">NCSC<\/a>, <a href=\"https:\/\/www.govinfosecurity.com\/uk-government-to-roll-out-passkeys-late-this-year-a-28348\" target=\"_blank\" rel=\"noopener\">Gov InfoSecurity<\/a>, and <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/passkeys-govuk-accounts\/\" target=\"_blank\" rel=\"noopener\">Infosecurity Magazine<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>2. Google Launches Android \u2018Advanced Protection\u2019 Mode to Protect <strong>High-risk Users<\/strong><\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>Google is rolling out <strong>\u201cAdvanced Protection\u201d mode<\/strong> for <strong>Android 16<\/strong> to <strong>defend high-risk users\u2014like journalists and political targets<\/strong>\u2014against commercial spyware and mobile malware. Much like Apple\u2019s Lockdown Mode, this <strong>toggle enforces multiple protections at once, including disabling sideloading, blocking 2G networks and risky USB access, and logging any intrusion attempts for forensic review. <\/strong><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Intrusion Logging also creates an encrypted, tamper-proof log vault to aid in post-incident investigations a long-missing tool for mobile threat forensics.<\/li>\n\n\n\n<li>Optional integrations include scam detection in Google Phone, safe browsing in Chrome, and AI-powered call screening.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.securityweek.com\/google-ships-android-advanced-protection-mode-to-thwart-surveillance-spyware\/\" target=\"_blank\" rel=\"noopener\">SecurityWeek<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>3. Attackers Lace Fake Generative AI Tools With Malware<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>Threat actors are capitalizing on the buzz around generative AI by <strong>distributing fake AI apps that install remote access tools and password stealers.<\/strong> Posing as cracked versions of tools like OpenAI or Sora, these lures are distributed via SEO-poisoned pages, fake GitHub repos, and social media, particularly targeting users looking for free or unofficial AI tools<strong>. Once installed, the malware gives attackers full access to the victim\u2019s system or browser data.<\/strong><\/pre>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Make AI tools officially available to employees to avoid shadow AI usage.<\/strong><\/li>\n\n\n\n<li><strong>Warn users against downloading AI tools from unofficial sources<\/strong>, especially if promoted as cracked or free versions.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.darkreading.com\/endpoint-security\/attackers-fake-generative-ai-tools-malware\" target=\"_blank\" rel=\"noopener\">Dark Reading<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>4. <strong>Malicious npm Package Uses Hidden Unicode to Pull Payloads via Google Calendar<\/strong><br><\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>A malicious npm package named <code><strong>os-info-checker-es6<\/strong><\/code> was found disguising itself as a system utility while secretly embedding a payload dropper using invisible Unicode characters. It contacts a Google Calendar event to retrieve a hidden Base64-encoded command, effectively using the calendar as a stealthy command-and-control (C2) channel. The campaign appears to be a proof-of-concept or a targeted attack, with several related packages suggesting coordinated distribution.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The malware uses Unicode &#8220;Private Use&#8221; characters to hide execution code within <code>preinstall.js<\/code>, evading static detection.<\/li>\n\n\n\n<li>It accesses a Google Calendar shortlink, extracts a Base64 C2 address from the event title, and contacts that server for further instructions.<\/li>\n\n\n\n<li>Three other suspicious packages\u2014<code>vue-dev-serverr<\/code>, <code>vue-dummyy<\/code>, and <code>vue-bit<\/code>\u2014also reference the malicious package.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Immediately audit your dependency tree<\/strong> for <code>os-info-checker-es6<\/code> and its related packages.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/thehackernews.com\/2025\/05\/malicious-npm-package-leverages-unicode.html\" target=\"_blank\" rel=\"noopener\">The Hacker News<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>5. \u2018Kaleidoscope\u2019 Ad Fraud Network Infects 2.5 Million Devices Monthly<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>Researchers have uncovered a massive ad fraud operation called \u201cKaleidoscope\u201d that is infecting more than 2.5 million devices each month via malvertising and fake browser extensions.<strong> Once installed, the malware simulates user activity like scrolling and clicking on ads in the background to generate ad revenue, while exfiltrating user data.<\/strong><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>The malware is delivered via Google Ads and sketchy downloads<\/strong> disguised as Chrome updates, VPNs, and video players.<\/li>\n\n\n\n<li>It hijacks browsers to<strong> load ads invisibly and track mouse movement and clicks, <\/strong>all while <strong>harvesting sensitive data<\/strong> like IP addresses and user agents.<\/li>\n\n\n\n<li>The network <strong>uses compromised developer accounts to publish browser extensions<\/strong> and avoid detection on the Chrome Web Store.<\/li>\n\n\n\n<li><strong>More than 71 million devices have been infected to date,<\/strong> making it one of the largest known ad fraud networks in recent memory.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Check browser extension policies<\/strong>: Use Chrome\u2019s enterprise management tools to restrict or block unauthorized extensions, especially on devices logged in with managed profiles.<\/li>\n\n\n\n<li><strong>Audit for unmanaged profiles<\/strong>: Even with policies in place, users may switch to personal accounts evaluate whether to restrict using unmanaged (personal) Chrome profiles on work devices. <\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/risky.biz\/risky-bulletin-kaleidoscope-ad-fraud-network-infects-2-5mil-new-devices-each-month\/\" target=\"_blank\" rel=\"noopener\">Risky Business Media<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>6. Scatter Spider Group Who Hit UK Retailers by Coordinated Cyberattacks Now Targeting the U.<\/strong>S Retail as Well<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>A wave of cyberattacks has disrupted some of the UK\u2019s biggest retailers, with <strong>Marks &amp; Spencer <\/strong>confirming customer data theft and reportedly seeking up to \u00a3100 million in insurance coverage. The attacks, which also impacted the <strong>Co-op and Harrods,<\/strong> are suspected to be part of a larger campaign attributed to the Scattered Spider group.<strong> Google warns that this actor has now pivoted to targeting US retail as well. <\/strong><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The attackers are known for using social engineering, SIM-swapping, and affiliate ransomware tools like DragonForce to infiltrate networks.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Retail and supply chain organizations should revalidate business continuity plans<\/strong> <strong>and be at high alert<\/strong> <\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/therecord.media\/british-retailer-marks-spencer-insurance\" target=\"_blank\" rel=\"noopener\">The Record<\/a>, <a href=\"https:\/\/therecord.media\/scattered-spider-suspected-retail-hackers-google-alert\" target=\"_blank\" rel=\"noopener\">The Record<\/a>, and <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/marks-spencer-confirms-customer-data-stolen\" target=\"_blank\" rel=\"noopener\">Dark Reading<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>7. EU Launches European Vulnerability Database to Enhance Cybersecurity Autonomy<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong>\nThe European Union has officially launched the European Vulnerability Database (EUVD), developed by ENISA under the NIS2 Directive. Initiated in 2022, the EUVD aims to provide a centralized platform for publicly known ICT vulnerabilities, enhancing the EU's cybersecurity resilience and reducing reliance on external databases like the U.S.-based CVE system.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Unlike existing systems, the EUVD integrates data from multiple sources, including CSIRTs, vendors, and other databases, and provides enriched, contextualized information tailored to the European cybersecurity landscape.<\/li>\n<\/ul>\n\n\n\n<p>See it in action: https:\/\/euvd.enisa.europa.eu\/<\/p>\n\n\n\n<p>Read more on <a href=\"https:\/\/euvd.enisa.europa.eu\/about\" target=\"_blank\" rel=\"noopener\">ENISA<\/a>, <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/european-vulnerability-database-us\/\" target=\"_blank\" rel=\"noopener\">Infosecurity Magazine<\/a>, and <a href=\"https:\/\/www.heise.de\/en\/news\/After-the-impending-CVE-ban-EU-vulnerability-database-goes-live-10354564.html\" target=\"_blank\" rel=\"noopener\">Heise Online<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>8. AI-Generated Spam Flooding Bug Bounty Platforms With Fake Vulnerability Reports<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>Bug bounty platforms are facing a <strong>surge of AI-generated vulnerability reports that waste researcher time,<\/strong> slow down triage teams, and in some cases closely mimic actual bugs found in open-source code. Researchers warn that generative AI is now being used to produce convincing\u2014but fake\u2014proof-of-concept code and vulnerability writeups, <strong>sometimes designed to trick programs into paying bounties for nonexistent flaws.<\/strong><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Some fake reports are partially copied from real bugs and altered just enough to appear novel, making them harder to detect.<\/li>\n\n\n\n<li>Platform operators are concerned about signal-to-noise ratio, especially as bounty hunters and scammers alike automate submissions.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enhance triage playbooks<\/strong>: Train reviewers to spot AI-generated signs like hallucinated CVEs or inconsistent technical logic.<\/li>\n\n\n\n<li><strong>Cross-reference submissions with known bugs and changelogs<\/strong> to detect slight repackaging of public vulnerabilities.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.404media.co\/ai-polluting-bug-bounty-platforms-fake-reports\/\" target=\"_blank\" rel=\"noopener\">404 Media<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>9. No-one&#8217;s Safe: LockBit Ransomware Gang Hacked<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br><strong>LockBit, once one of the most prolific ransomware-as-a-service (RaaS) gangs,<\/strong> has suffered another major blow: an unknown party breached its infrastructure and leaked the group\u2019s affiliate panel and internal communications. The 60,000-record SQL dump reveals affiliate chats, victim negotiations, affiliate identities, build configurations, and tactical insights\u2014offering defenders a rare look into the operational guts of a ransomware outfit just months after Operation Cronos had already disrupted it.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The leak includes Bitcoin wallet addresses, affiliate credentials, LockBit malware configurations, and <strong>over 4,000 chat logs between affiliates and victims.<\/strong><\/li>\n\n\n\n<li>Researchers <strong>discovered affiliate tactics such as killing backup services, removing domain admins,<\/strong> and preferring Monero over Bitcoin for anonymity and discounts.<\/li>\n\n\n\n<li><strong>The most active affiliates were targeting APAC,<\/strong> with ransom demands typically ranging from $4K to $150K, far less than LockBit\u2019s historic demands, signaling a decline in influence.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/lockbit-ransomware-gang-hacked-data-leaked\" target=\"_blank\" rel=\"noopener\">Dark Reading<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>10. Flock Is Quietly Building a People Lookup Engine for Police<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>Leaked documents reveal that Flock, the company behind 5,000+ license plate reader networks across the U.S., is developing a powerful new surveillance platform called \u201cNova.\u201d <strong>The tool combines license plate data with breached information, public records, and people search services to let police \u201cjump from plate to person\u201d<\/strong>\u2014and then to that person\u2019s broader network. <strong>Internal Slack messages show even Flock employees are questioning the ethics of this system.<\/strong><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Nova supports 20+ data sources, enabling cross-referencing of license plates with public and commercial identity datasets, including breached data.<\/li>\n\n\n\n<li>Some agencies are already using Nova in an \u201cearly access\u201d phase, without public oversight or known legal safeguards.<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.404media.co\/license-plate-reader-company-flock-is-building-a-massive-people-lookup-tool-leak-shows\/\" target=\"_blank\" rel=\"noopener\">404 Media<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>11. 442% Increase in Voice Phishing Between the First and Second Halves of 2024<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>As deepfake technology accelerates, attackers are using AI-generated voices and videos to impersonate trusted individuals in real time\u2014particularly in high-stakes virtual meetings and job interviews. T<strong>he scale and realism of these attacks has outpaced detection tools,<\/strong> with security researchers urging a shift from reactive deepfake detection to proactive identity verification using cryptographic proof and device compliance checks.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CrowdStrike observed a 442% increase in voice phishing <\/strong>between the first and second halves of 2024, largely driven by AI-generated impersonation.<\/li>\n\n\n\n<li>North Korean threat actors have been caught using deepfakes to infiltrate companies by impersonating IT job candidates on video calls.<\/li>\n\n\n\n<li><strong>Most deepfake defenses today rely on heuristics and facial analytics, which are often bypassed by high-quality synthetic media.<\/strong><\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/thehackernews.com\/2025\/05\/deepfake-defense-in-age-of-ai.html\" target=\"_blank\" rel=\"noopener\">The Hacker News<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>12. WhatsApp\u2019s &#8220;Private Processing&#8221; Tries to Balance AI Features With End-to-End Encryption<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br><strong>WhatsApp is introducing a system called \u201cPrivate Processing\u201d<\/strong> to power new AI features like message summarization without breaking its core promise of end-to-end encryption. Built on hardware-backed Trusted Execution Environments, <strong>the system processes user prompts in isolated cloud infrastructure that Meta says even it can\u2019t access. <\/strong>While researchers praise the design, others warn that shifting private chats closer to cloud AI inference makes them a high-value surveillance target, regardless of good intentions.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>The system is opt-in,<\/strong> and a new \u201cAdvanced Chat Privacy\u201d control lets users block AI features in shared conversations.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Understand what \u201cAI-safe\u201d really means<\/strong>: Private Processing is secure by design, but still moves encrypted interactions closer to inference engines that must be trusted.<\/li>\n\n\n\n<li><strong>Review opt-in defaults and user education<\/strong>: Organizations using WhatsApp for sensitive work should verify AI features are clearly explained and easy to disable<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.wired.com\/story\/whatsapp-private-processing-generative-ai-security-risks\/\" target=\"_blank\" rel=\"noopener\">WIRED<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>13. Coca-Cola\u2019s AI-Powered Ad Shows Why We Need AI Use Policies by Getting Basic Facts Wrong<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Summary<\/strong><br>Coca-Cola\u2019s new \u201cClassic\u201d <strong>ad campaign uses AI <\/strong>to celebrate famous authors by highlighting book excerpts that mention the brand\u2014except one <strong>ad attributed a quote to J.G. Ballard that he didn\u2019t write, from a book he didn\u2019t author, dated in a year that doesn\u2019t match. <\/strong><br><br><strong>This is another case that underscores the importance of having effective AI use policies in place <\/strong>as when not used responsibly the collateral damage to the organisations reputation can be substantial. This is already the second time Coca Cola has a similar issue with AI generated ads, last being just last christmas.<\/pre>\n\n\n\n<p><strong>Next Steps: <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Review your AI use Policy templates or reference our <a href=\"https:\/\/kordon.app\/et\/policy-templates\/\" target=\"_blank\" rel=\"noopener\" title=\"Tasuta infoturbe poliitikate dokumendimallid - tasuta muudetavate mallide allalaadimine\">free and editable policy tempates <\/a>to create onw<\/li>\n<\/ul>\n\n\n\n<p>Read more on <a href=\"https:\/\/www.404media.co\/ai-powered-coca-cola-ad-celebrating-authors-gets-basic-facts-wrong\/\" target=\"_blank\" rel=\"noopener\">404 Media<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>","protected":false},"excerpt":{"rendered":"<p>Quick summaries of cybersecurity news from May 2025 worth your attention.<\/p>","protected":false},"author":1,"featured_media":19371,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32,26],"tags":[],"class_list":["post-19366","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-blog"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/19366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/comments?post=19366"}],"version-history":[{"count":10,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/19366\/revisions"}],"predecessor-version":[{"id":19377,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/19366\/revisions\/19377"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/media\/19371"}],"wp:attachment":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/media?parent=19366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/categories?post=19366"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/tags?post=19366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}