{"id":767,"date":"2026-04-30T14:07:35","date_gmt":"2026-04-30T14:07:35","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=767"},"modified":"2026-04-30T14:07:35","modified_gmt":"2026-04-30T14:07:35","slug":"sms-blaster-busts-openemr-flaws-600k-roblox-hacks-and-25-more-stories","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=767","title":{"rendered":"SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories"},"content":{"rendered":"<div>\n<p><span class=\"p-author\"><span class=\"author\">Ravie Lakshmanan<\/span> <span class=\"author\">Apr 30, 2026<\/span><\/span><span class=\"p-tags\">Hacking News \/ Cybersecurity News<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<p>The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online.<\/p>\n<p>Security is always a moving target. Millions of servers are currently sitting online without any passwords, and old software bugs are showing up in the most unexpected places. Even with the right fixes available, staying one step ahead is a full-time job for all of us.<\/p>\n<p>Data is shifting in strange ways, too. 
Some browser tools are now legally selling user history for profit, and new kits are making it simpler for almost anyone to launch a campaign. You have to see these latest updates to believe them. Let\u2019s look at the full list&#8230;<\/p>\n<div class=\"td-wrap\">\n<section aria-labelledby=\"threatsday-title\" class=\"td-section\">\n<ol class=\"td-timeline\" role=\"list\">\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">SMS blaster phishing crackdown<\/span><\/p>\n<p class=\"td-desc\">\n      Canadian authorities have arrested three men for operating an SMS blaster device that masquerades as a cellular tower to send phishing texts to nearby phones. These tools trick devices into connecting to them by emitting signals that mimic a legitimate tower. \u00abAn SMS blaster works by mimicking a legitimate cellular tower. When nearby phones connect to it, users receive fraudulent text messages that appear to come from trusted organizations,\u00bb authorities <a href=\"https:\/\/www.tps.ca\/media-centre\/stories\/unprecedented-sms-blaster-arrests\/\">said<\/a>. \u00abThese messages often prompt recipients to click on links that lead to fake websites designed to capture personal information, including banking credentials and passwords.\u00bb The three men are facing 44 charges in connection with the crime. Tens of thousands of devices connected to the blaster over several months, authorities said. 
This is the first time that an SMS blaster has been spotted in the country.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">npm brandsquat data theft<\/span><\/p>\n<p class=\"td-desc\">\n      A new supply chain attack has leveraged an npm package impersonating TanStack to ship malicious versions that exfiltrate environment variables from developers\u2019 machines during install. The package, named tanstack, is designed to \u00absilently steal environment variable files, including .env, .env.local, and .env.production, from developers&#8217; machines at install time, exfiltrating them to an attacker-controlled endpoint,\u00bb Socket <a href=\"https:\/\/socket.dev\/blog\/tanstack-brandsquat-compromise\">said<\/a>. The malicious package is maintained by a user named \u00absh20raj.\u00bb Versions 2.0.4 through 2.0.7 are confirmed malicious.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Extensions legally sell user data<\/span><\/p>\n<p class=\"td-desc\">\n      In a new analysis, LayerX found that multiple networks of browser extensions collect user data and resell it for profit. Unlike malicious extensions that conceal their behavior by offering some harmless functionality, the identified 80 extensions explicitly inform users in their privacy policy that they collect and sell data of users who install their extensions. \u00abA network of 24 media extensions that are installed on 800,000 users and collect viewing data and demographic information on major streaming platforms such as Netflix, Hulu, Disney+, Amazon Prime Video, HBO, Apple TV, and others,\u00bb LayerX <a href=\"https:\/\/layerxsecurity.com\/blog\/your-extensions-sell-your-data-and-its-perfectly-legal\/\">said<\/a>. 
\u00ab12 separate ad blockers with a combined install base of over 5.5 million users openly selling user data. Nearly 50 other extensions, with over 100,000 users in aggregate, that collected and resold users\u2019 browsing data.\u00bb\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Komari tool weaponized in attacks<\/span><\/p>\n<p class=\"td-desc\">\n      Huntress has revealed that unknown threat actors used stolen VPN credentials to pivot into a Windows workstation belonging to an unspecified organization via Impacket&#8217;s smbexec.py, and dropped a SYSTEM-level backdoor using the <a href=\"https:\/\/github.com\/komari-monitor\/komari\">Komari<\/a> agent, a Go-based remote-control, monitoring, and management tool. The development marks the first publicly documented case of the tool being abused in a real-world intrusion. It also illustrates how bad actors are increasingly switching to publicly available and legitimate tools to conduct attacks. \u00abKomari is not a telemetry tool that happens to be abusable &#8211; it is a bidirectional control channel by design. The agent opens a persistent WebSocket to its server and accepts three server-to-agent event types out of the box: exec (arbitrary command execution via PowerShell \/ sh), terminal (interactive PTY reverse shell in the operator&#8217;s browser), and ping (ICMP \/ TCP \/ HTTP probing),\u00bb Huntress <a href=\"https:\/\/www.huntress.com\/blog\/komari-c2-agent-abuse?hnt=y0ni9ucare7o\">said<\/a>. 
\u00abAll three are enabled by default.\u00bb Whereas other tools like Velociraptor and SimpleHelp that have been abused by threat actors typically act as means to an end, Komari gives an operator arbitrary command execution, an interactive PTY reverse shell, and network probing by default, over a TLS-fronted WebSocket.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Next-gen phishing kits escalate<\/span><\/p>\n<p class=\"td-desc\">\n      Two new phishing kits named Saiga 2FA and Phoenix System have been detailed and linked to email and SMS phishing attacks. According to Barracuda, Saiga 2FA goes beyond traditional adversary-in-the-middle (<a href=\"https:\/\/thehackernews.com\/2026\/01\/microsoft-flags-multi-stage-aitm.html\">AitM<\/a>) features by integrating tools like FM Scanner for extracting and analyzing mailbox content. \u00abSaiga 2FA is an example of how phishing kits are evolving into application-level platforms,\u00bb the company <a href=\"https:\/\/blog.barracuda.com\/2026\/04\/28\/threat-spotlight--boutique-phishing-kit-saiga-2fa\">said<\/a>. \u00abUnlike traditional phishing kits, Saiga integrates infrastructure, automation, and post-compromise capabilities into a unified system, supporting advanced and highly targeted campaigns.\u00bb Phoenix System, on the other hand, has been tied to over 2,500 phishing domains since January 2025, while relying on IP-based filtering and geofencing for precision targeting. It&#8217;s assessed to be the successor to the now-defunct Mouse System. 
\u00abThe campaigns are delivered via SMS, potentially leveraging fake Base Transceiver Stations (BTS) to bypass carrier-level filtering and allow threat actors to send messages that appear under the brand names of trusted organizations directly to victims,\u00bb Group-IB <a href=\"https:\/\/www.group-ib.com\/blog\/phoenix-phaas-kit-smishing\/\">said<\/a>. \u00abThe campaign has so far targeted more than 70 organizations across the financial services, telecommunications, and logistics sectors globally.\u00bb\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Mass exposure of remote access servers<\/span><\/p>\n<p class=\"td-desc\">\n      A new analysis from Forescout has found 1.8 million RDP and 1.6 million VNC servers are exposed on the internet. \u00abChina accounts for 22% of exposed RDP and 70% of exposed VNC servers; the U.S. accounts for 20% and 7%; Germany accounts for 8% and 2%,\u00bb the company <a href=\"https:\/\/www.forescout.com\/blog\/rdp-security-cps-threats-spark-need-for-secure-remote-access\/\">said<\/a>. \u00abOf 91,000 RDP and 29,000 VNC servers mapped to specific industries, retail, services, and education lead RDP exposure; education, services, and healthcare lead VNC.\u00bb What&#8217;s more, 18% of exposed RDP servers run end-of-life Windows versions, more than 19,000 RDP servers remain vulnerable to BlueKeep (CVE-2019-0708), and nearly 60,000 VNC servers have authentication disabled. 
To make matters worse, more than 670 exposed VNC servers have authentication disabled and provide direct access to OT\/ICS control panels.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">China-linked influence op falters<\/span><\/p>\n<p class=\"td-desc\">\n      A China-linked online influence campaign attempted to undermine April 26 elections for the Tibetan parliament-in-exile with little impact. The operation, part of Spamouflage, a long-running influence network linked to Beijing, has used a cluster of 90 Facebook profiles and 13 Instagram profiles to push criticism of the Tibetan government-in-exile and its leadership. \u00abThe network tries to drive wedges within the community,\u00bb DFRLab <a href=\"https:\/\/dfrlab.org\/2026\/04\/24\/china-linked-spamouflage-targets-tibetan-parliament-in-exile-elections\/\">said<\/a>. \u00abThe goal is to erode trust in the exile government, weaken its international voice, and raise doubts about whether it can credibly represent Tibetans without the Dalai Lama. However, virtually none of these posts seem to have attracted any organic engagement, possibly because all the identified assets are regular Facebook profiles with limited reach and not established pages.\u00bb\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Unpatched RPC privilege escalation<\/span><\/p>\n<p class=\"td-desc\">\n      An unpatched vulnerability can allow for local privilege escalation in Windows systems through the abuse of the Remote Procedure Call (RPC) architecture in the operating system. Called <a href=\"https:\/\/securelist.com\/phantomrpc-rpc-vulnerability\/119428\/\">PhantomRPC<\/a>, the flaw stems from an architectural weakness in how RPC handles connections to unavailable services. 
To <a href=\"https:\/\/github.com\/klsecservices\/PhantomRPC\">exploit the flaw<\/a>, an attacker with limited local access needs to first compromise a privileged service that runs under the Network Service identity, deploy a fake RPC server with the same RPC interface UUID and exposed endpoint name (i.e., TermService), listen to specific requests, and then impersonate the targeted service to escalate their privileges to SYSTEM. Kaspersky, which identified the weakness, said it discovered four PhantomRPC exploitation paths that could lead to privilege escalation. Following responsible disclosure in September 2025, Microsoft opted to not address the issue as it requires an attacker to first compromise the machine through some other means.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Vidar dominates infostealer market<\/span><\/p>\n<p class=\"td-desc\">\n      The information stealer known as Vidar (now in its second iteration called <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/j\/how-vidar-stealer-2-upgrades-infostealer-capabilities.html\">Vidar Stealer 2.0<\/a>) has vaulted to the top of the infostealer market since November 2025 in the aftermath of law enforcement takedowns of Lumma and Rhadamanthys. \u00abVidar profited from the generated chaos to rise to the top of the stealer ecosystem,\u00bb Intrinsec <a href=\"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2026\/04\/TLP_CLEAR-20260424-New_Vidar.pdf\">said<\/a>. \u00abWe assess that this rise was made available due to the release of version 2.0 of the malware, and to the collaboration with &#8216;Cloud&#8217; Telegram channels.\u00bb It&#8217;s advertised by a user named \u00abLoadbaks\u00bb on underground forums. 
Recent campaigns have distributed the malware through bogus links shared in YouTube videos promoting fake software; the links direct users to Mediafire pages hosting executables that download and run the broad-spectrum credential harvester. The stolen credentials are then quickly monetized on underground marketplaces like Russian Market.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Critical flaws hit healthcare platform<\/span><\/p>\n<p class=\"td-desc\">\n      Thirty-eight critical security vulnerabilities have been disclosed in OpenEMR, the world&#8217;s most widely used open-source electronic medical records platform. The vulnerabilities, now patched, range in severity from medium to critical and include missing or incorrect authorization checks, cross-site scripting (XSS), SQL injection, path traversal, and insufficient session expiration. These issues, which include two designated critical (CVE-2026-24908 and CVE-2026-23627), could have been exploited to access and tamper with patient and provider data, posing a serious health and regulatory risk to individuals and institutions. \u00abIn the most severe cases, SQL injection vulnerabilities combined with modest database privileges could have led to full database compromise, PHI exfiltration at scale, and remote code execution on the server,\u00bb AISLE <a href=\"https:\/\/aisle.com\/blog\/aisle-discovers-38-critical-security-vulnerabilities-in-healthcare-software-used-by-100000-providers\">said<\/a>. 
OpenEMR is used by more than 100,000 medical providers, serving more than 200 million patients in 34 languages.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Swiss crackdown on Black Axe<\/span><\/p>\n<p class=\"td-desc\">\n      A coordinated police operation in Switzerland has led to the arrest of 10 suspected members of the Black Axe criminal network, including the Black Axe \u00abRegional Head\u00bb for the Southern European region. Most of those arrested are reported to be of Nigerian origin. The suspects are accused of numerous crimes, including romance scams, cyber fraud offences causing millions of Swiss francs in damages, and money laundering. \u00abThe criminal network is known for its involvement in a wide range of criminal activities, including cyber-enabled fraud, drug trafficking, human trafficking and prostitution, kidnapping, armed robbery, and fraudulent spiritual practices,\u00bb Europol <a href=\"https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/europol-supports-hit-against-black-axe-criminal-organisation-in-switzerland-10-arrests\">said<\/a>.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">PyPI package hijacked via CI exploit<\/span><\/p>\n<p class=\"td-desc\">\n      In yet another software supply chain attack, unknown threat actors pushed a malicious version of the popular \u00abelementary-data\u00bb package on the Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. According to StepSecurity, elementary-data version 0.23.3 was uploaded to PyPI on April 24, 2026, at 10:20 p.m. UTC. The attacker opened a pull request with malicious code and exploited a script-injection vulnerability in one of its GitHub Actions workflows to publish it as release 0.23.3. 
Specifically, it came embedded with a \u00abelementary.pth\u00bb file that enabled the theft of developer credentials and secrets. \u00abThe attacker exploited a script injection vulnerability in one of the project&#8217;s own GitHub Actions workflows, then used the workflow&#8217;s GITHUB_TOKEN to forge a signed release commit and dispatch the legitimate publishing pipeline against it \u2013 without ever touching the master branch or opening a pull request,\u00bb the company <a href=\"https:\/\/www.stepsecurity.io\/blog\/elementary-data-compromised-on-pypi-and-ghcr-forged-release-pushed-via-github-actions-script-injection\">said<\/a>. The developers urged users who installed 0.23.3, or pulled and ran its Docker image, to <a href=\"https:\/\/www.elementary-data.com\/post\/security-incident-report-malicious-release-of-elementary-oss-python-cli-v0-23-3\">assume compromise and rotate any credentials<\/a>.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">$230M crypto laundering sentence<\/span><\/p>\n<p class=\"td-desc\">\n      22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive <a href=\"https:\/\/www.justice.gov\/usao-dc\/pr\/indictment-charges-two-230-million-cryptocurrency-scam\">$230 million cryptocurrency heist<\/a> as part of an elaborate social engineering scheme. \u00abThis criminal enterprise was built on greed so brazen it borders on the cartoonish. They stole millions, spent it on half-million-dollar nightclub tabs, Lamborghinis, and Rolexes,\u00bb <a href=\"https:\/\/www.justice.gov\/usao-dc\/pr\/california-money-launderer-sentenced-dc-70-months-role-scheme-stole-263-million\">said<\/a> U.S. Attorney Jeanine Ferris Pirro. \u00abBut Evan Tangeman didn&#8217;t just launder the money that fueled that lifestyle. 
When his co-conspirators were arrested, he moved to destroy the evidence. That is consciousness of guilt, and this office and the court have treated that accordingly.\u00bb Tangeman pleaded guilty in December 2025. The criminal enterprise began no later than October 2023 and continued through at least May 2025.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Legacy TLS finally deprecated<\/span><\/p>\n<p class=\"td-desc\">\n      Microsoft has announced plans to start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. \u00abWe&#8217;re planning to fully deprecate support for legacy TLS versions (TLS 1.0 and TLS 1.1) for POP3 and IMAP4 connections to Exchange Online. These older TLS versions have been industry-deprecated for some time and are no longer considered secure,\u00bb the company <a href=\"https:\/\/techcommunity.microsoft.com\/blog\/exchange\/deprecating-legacy-tls-and-endpoints-for-pop-and-imap-in-exchange-online\/4515201\">said<\/a>. \u00abSeveral years ago, we started the move to block these older versions, but we did allow you to use them by opting in; we&#8217;re now removing support for them entirely. Our expectation is that only customers who have explicitly opted into using those legacy endpoints are impacted by the deprecation.\u00bb\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Phishing via account flow abuse<\/span><\/p>\n<p class=\"td-desc\">\n      Threat actors are <a href=\"https:\/\/www.reddit.com\/r\/phishing\/comments\/1swovb5\/phishing_email_from_verified_robinhood_sender\/\">abusing<\/a> online trading platform Robinhood&#8217;s account creation process to send phishing emails that bypass spam filters. 
The emails, which originate from \u00abnoreply@robinhood[.]com,\u00bb warn recipients of suspicious activity tied to their accounts and urge them to complete a security check by clicking a link that directs to a phishing site. \u00abThis phishing attempt was made possible by an abuse of the account creation flow,\u00bb Robinhood <a href=\"https:\/\/x.com\/AskRobinhood\/status\/2048649252352487683\">said<\/a> in an X post. \u00abIt was not a breach of our systems or customer accounts, and personal information and funds were not impacted. If you received this email, please delete it and do not click any suspicious links. If you have clicked a suspicious link or have any questions about your account, please contact us directly within the Robinhood app or website.\u00bb Reports on Reddit <a href=\"https:\/\/www.reddit.com\/r\/phishing\/comments\/1swozms\/comment\/oijfv4c\/\">indicate<\/a> that the attackers created new Robinhood accounts using modified versions of existing Gmail addresses via the so-called \u00abdot trick.\u00bb The technique takes advantage of the fact that Gmail ignores periods inserted into or removed from a username, whereas Robinhood treats each variation as a distinct user, allowing the attackers to register a new Robinhood account whose emails are delivered to an existing Gmail inbox.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Social media scams surge<\/span><\/p>\n<p class=\"td-desc\">\n      The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025, including $794 million to scams that started on Facebook, more than on any other platform. \u00abIn 2025, nearly 30% of people who reported losing money to a scam said that it started on social media, with reported losses reaching a staggering $2.1 billion. 
Social media scams produced far more in losses \u2013 an eightfold increase since 2020 \u2013 than any other contact method used by scammers to reach consumers,\u00bb the FTC <a href=\"https:\/\/www.ftc.gov\/news-events\/news\/press-releases\/2026\/04\/new-ftc-data-show-people-have-lost-billions-social-media-scams\">said<\/a>. \u00abSocial media creates easy access to billions of people from anywhere in the world, making a scammer&#8217;s job easier at very little cost. Scammers may hack a user&#8217;s account, exploit what a user posts to figure out how to target them, or buy ads and use the same tools used by real businesses to target people by age, interests, or shopping habits.\u00bb\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Billions of credentials exposed<\/span><\/p>\n<p class=\"td-desc\">\n      KELA <a href=\"https:\/\/www.kelacyber.com\/blog\/the-state-of-cybercrime-2026\/\">said<\/a> it tracked 2.86 billion compromised credentials in 2025 globally. These included usernames, passwords, session tokens, cookies found in URL, login and password (ULP) lists, breached email repositories, and cybercrime marketplaces. 
At least 347 million were originally obtained by infostealers found on around 3.9 million infected machines.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">arXiv papers leak sensitive data<\/span><\/p>\n<p class=\"td-desc\">\n      An analysis of 2.7 million submissions to the arXiv preprint service &#8212; which also makes available the LaTeX sources and other files used to create them &#8212; has found that they include unnecessary files, expose metadata embedded in files (usernames, email addresses, hardware details, GPS information, software versions), and leak irrelevant content in files such as source code comments. This includes backups, hidden .nfs files, Git repositories (including editing histories), and configuration files containing API keys. \u00abApart from unused template files that put unnecessary storage burden on arXiv, we further discovered scripts, research data, and even entire Git repositories. Additionally, comments in LaTeX sources reveal, e.g., author conversations or todo items \u2013 for some of those comments, we are certain that the authors did not intend to disclose them publicly. Alarmingly, our findings also include URLs without any access restrictions to other resources (e.g., Google Docs), security tokens, and private keys,\u00bb the study <a href=\"https:\/\/arxiv.org\/abs\/2604.20927\">said<\/a>. 
While arXiv recommends Google&#8217;s <a href=\"https:\/\/github.com\/google-research\/arxiv-latex-cleaner\">arxiv_latex_cleaner<\/a> to clean the LaTeX code, the researchers have released a tool called ALC-NG to comprehensively remove files, metadata, and comments that are not needed to compile a LaTeX paper.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Roblox account hacking ring busted<\/span><\/p>\n<p class=\"td-desc\">\n      The Ukrainian police have <a href=\"https:\/\/gp.gov.ua\/en\/posts\/na-lvivshhini-zatrimano-xakersku-grupu-yaka-zlamuvala-igrovi-akaunti-i-otrimala-maize-10-mln-grn-pributku-vid-yix-prodazu-v-rosiyu\">arrested<\/a> three individuals who hacked more than 610,000 Roblox gaming accounts and sold them for a profit of $225,000 on Russian websites. The suspects face up to 15 years in prison if convicted and have been placed in pretrial detention while the investigation is in progress. The scheme was allegedly <a href=\"https:\/\/npu.gov.ua\/news\/prodaly-vykradeni-ihrovi-akaunty-na-10-mln-hrn-politseiski-lvivshchyny-zatrymaly-khakerske-uhrupovannia\">masterminded<\/a> by a 19-year-old resident of Drohobych, Lviv Oblast, who met his accomplices, aged 21 and 22, on gaming forums last year. From October 2025 to January 2026, the suspects are believed to have accessed more than 600,000 Roblox user accounts.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Iran-linked group targets troops<\/span><\/p>\n<p class=\"td-desc\">\n      The <a href=\"https:\/\/socradar.io\/blog\/handala-hack-us-doxxing-troop-bahrain\/\">Iran-linked<\/a> threat actor Handala Hack has targeted U.S. 
troops in Bahrain in an influence campaign carried out via WhatsApp, according to <a href=\"https:\/\/www.stripes.com\/theaters\/middle_east\/2026-04-28\/handala-hack-iran-bahrain-navy-21510827.html\">Stars and Stripes<\/a>. The messages, signed Handala and containing a link to the group\u2019s website, claimed the service members were under surveillance and soon to be targeted with drones and missiles. \u00abYour identities are fully known to our missile units, and every move you make is under our surveillance. Very soon, you will be targeted by our Shahed drones and Kheibar and Ghadeer missiles,\u00bb the message sent on April 28, 2026, read.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Record surge in privacy fines<\/span><\/p>\n<p class=\"td-desc\">\n      U.S. states issued $3.45 billion in privacy-related fines to companies in 2025, a total larger than the last five years combined, per Gartner. \u00abRegulators are also shifting their efforts away from spreading awareness to full-scale enforcement,\u00bb the company <a href=\"https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2026-04-28-gartner-estimates-us-states-privacy-fines-totaled-3-point-425-billion-dollars-in-2025-trend-expected-to-accelerate-through-2028\">said<\/a>. 
\u00abThis is increasingly becoming the standard in 2026 and beyond.\u00bb\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">WordPress plugin backdoor uncovered<\/span><\/p>\n<p class=\"td-desc\">\n      Anchor Hosting has <a href=\"https:\/\/anchor.host\/wordpress-plugin-hijacked-in-2020-hid-a-dormant-backdoor-for-years\/\">revealed<\/a> that a WordPress plugin named <a href=\"https:\/\/wordpress.org\/plugins\/quick-pagepost-redirect-plugin\/\">Quick Page\/Post Redirect<\/a>\u00a0plugin, which has over 70,000 installs, was compromised with a backdoor that enables injecting arbitrary code into users&#8217; sites. Plugin versions 5.2.1 and 5.2.2, released between 2020 and 2021, have been found to include a covert self-update mechanism that reaches out to a third-party domain, anadnet[.]com, to facilitate the execution of arbitrary code. It&#8217;s worth noting that the passive backdoor triggers only for logged-out users to hide its activity from site administrators. As of April 16, the plugin has been closed temporarily pending a full review.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Qinglong flaws abused for mining<\/span><\/p>\n<p class=\"td-desc\">\n      Hackers are exploiting two authentication bypass vulnerabilities in <a href=\"https:\/\/github.com\/whyour\/qinglong\">Qinglong<\/a>, an open-source timed task management platform with over 19,500 GitHub stars, to deploy cryptocurrency miners. The two flaws \u2013 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-3965\">CVE-2026-3965<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-4047\">CVE-2026-4047<\/a> \u2013 enable authentication bypass that results in remote code execution. 
\u00abWhile these vulnerabilities were formally reported on February 27, exploitation had already been underway for weeks,\u00bb Snyk <a href=\"https:\/\/snyk.io\/blog\/qinglong-task-scheduler-rce-vulnerabilities\/\">said<\/a>. \u00abStarting around February 7-8, 2026, Qinglong users began <a href=\"https:\/\/github.com\/whyour\/qinglong\/issues\/2923\">opening issues<\/a> about a hidden process called .fullgc consuming 85-100% of their CPU. The .fullgc filename may have been chosen to blend in with legitimate processes. In Java\/JVM environments, &#8216;Full GC&#8217; (Full Garbage Collection) is a known source of CPU spikes, which could delay an administrator&#8217;s investigation.\u00bb The issues have since been addressed in <a href=\"https:\/\/github.com\/whyour\/qinglong\/pull\/2941\">PR #2941<\/a>.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">Trivy hack enabled repo breach<\/span><\/p>\n<p class=\"td-desc\">\n      In a new update shared this week, Checkmarx <a href=\"https:\/\/checkmarx.com\/blog\/supply-chain-security-incident-update\/\">said<\/a> its investigation into the cybersecurity incident has revealed the TeamPCP attack affecting the Trivy scanner is the \u00ablikely vector that enabled the attackers to obtain credentials and to gain unauthorized access to our GitHub repositories.\u00bb This, in turn, allowed the attackers to interact with Checkmarx&#8217;s GitHub environment and publish malicious code to certain artifacts. 
The development comes as the company acknowledged that data stolen from its GitHub repositories was published on the dark web by a cybercrime group known as LAPSUS$.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<div class=\"td-stack\">\n    <span class=\"td-punch\">npm stealer tied to DPRK group<\/span><\/p>\n<p class=\"td-desc\">\n      An npm package named js-logger-pack, which embeds a WebSocket-based stealer launched from a postinstall hook, has been attributed to the North Korean threat actor known as Famous Chollima. \u00abThe payload is a long-running WebSocket agent that: installs the attacker&#8217;s RSA key into ~\/.ssh\/authorized_keys on Linux; exfiltrates Telegram Desktop tdata sessions; drains credentials from 27 crypto wallets and Chromium-family browsers; steals .npmrc, cloud provider tokens, and shell history; and runs a native keylogger on Windows, macOS, and Linux with autostart persistence on all three,\u00bb SafeDep <a href=\"https:\/\/safedep.io\/malicious-js-logger-pack-npm-stealer\/\">said<\/a>.\n    <\/p>\n<\/p><\/div>\n<\/li>\n<\/ol>\n<\/section>\n<\/div>\n<p>Security is a team sport. We keep seeing the same gaps because we focus on the new shiny toys while the basics, like weak or missing passwords and unpatched software, fall through the cracks. It is clear that just having a patch isn&#8217;t enough if nobody actually installs it.<\/p>\n<p>The best lesson here is to stay curious and cautious. Whether it is a weird text from a \u00abtrusted\u00bb source or a new tool that seems too good to be true, taking a second to verify can save a lot of trouble later. Let&#8217;s keep learning and stay sharp until the next update!<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\ue804Ravie Lakshmanan\ue802Apr 30, 2026Hacking News \/ Cybersecurity News The internet is noisy this week. 
We are seeing some wild new tactics, like people using fake cell towers to send scam&hellip;<\/p>\n","protected":false},"author":1,"featured_media":768,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1479,1476,1477,11,856,1478,1480,1416,187],"class_list":["post-767","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-600k","tag-blaster","tag-busts","tag-flaws","tag-hacks","tag-openemr","tag-roblox","tag-sms","tag-stories"],"_links":{"self":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts\/767","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=767"}],"version-history":[{"count":0,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts\/767\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/media\/768"}],"wp:attachment":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=767"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=767"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=767"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
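The WordPress item above names two concrete indicators: the affected plugin builds (Quick Page/Post Redirect 5.2.1 and 5.2.2) and the callback domain anadnet[.]com. The script below is an added example, not code from Anchor Hosting or from the plugin, that a site operator could run against a wp-content/plugins directory to check both. It reads each plugin's standard header block for "Plugin Name:" and "Version:", flags the two backdoored builds, and greps every .php file for the domain. The plugin tree it builds for the demo is constructed here; the file names inside it (main.php, inc/updater.php, the example-clean-plugin directory) are hypothetical and are not the plugin's real layout.

```python
"""Check a WordPress plugins directory for the backdoored Quick Page/Post Redirect builds.

Added example (not Anchor Hosting's or the plugin's code). Detection logic:
  1. parse the plugin header ("Plugin Name:", "Version:") of each plugin,
  2. flag Quick Page/Post Redirect 5.2.1 / 5.2.2,
  3. grep every .php file for the callback domain named in the report.
"""
import re
import tempfile
from pathlib import Path

BAD_VERSIONS = {(5, 2, 1), (5, 2, 2)}            # builds named in the report
IOC_DOMAIN = re.compile(r"anadnet\.com", re.IGNORECASE)
# WordPress header lines look like "Plugin Name: X" or " * Version: 1.2.3"
HEADER = re.compile(r"^\s*\*?\s*(Plugin Name|Version):\s*(.+?)\s*$", re.MULTILINE)


def parse_version(s: str) -> tuple:
    """'5.2.1' -> (5, 2, 1); anything without digits -> ()."""
    return tuple(int(x) for x in re.findall(r"\d+", s)[:3])


def plugin_headers(plugin_dir: Path):
    """Return (name, version) from the first top-level .php file carrying a plugin header."""
    for php in sorted(plugin_dir.glob("*.php")):
        text = php.read_text(encoding="utf-8", errors="replace")[:8192]
        fields = dict(HEADER.findall(text))
        if "Plugin Name" in fields:
            return fields["Plugin Name"], fields.get("Version", "")
    return None, None


def audit_plugins(plugins_root: Path):
    """Return (plugin_slug, finding) pairs for every hit under plugins_root."""
    findings = []
    for plugin_dir in sorted(p for p in plugins_root.iterdir() if p.is_dir()):
        name, version = plugin_headers(plugin_dir)
        if name and "Quick Page/Post Redirect" in name and parse_version(version) in BAD_VERSIONS:
            findings.append((plugin_dir.name, f"backdoored build {version}"))
        for php in sorted(plugin_dir.rglob("*.php")):
            lines = php.read_text(encoding="utf-8", errors="replace").splitlines()
            for n, line in enumerate(lines, 1):
                if IOC_DOMAIN.search(line):
                    rel = php.relative_to(plugins_root)
                    findings.append((plugin_dir.name, f"{rel}:{n} references anadnet[.]com"))
    return findings


def build_sample_plugins() -> Path:
    """Constructed plugins directory: one clean plugin, one backdoored build with the IOC."""
    root = Path(tempfile.mkdtemp()) / "plugins"
    clean = root / "example-clean-plugin"            # hypothetical plugin
    bad = root / "quick-pagepost-redirect-plugin"    # slug from wordpress.org
    (clean).mkdir(parents=True)
    (bad / "inc").mkdir(parents=True)
    (clean / "example-clean-plugin.php").write_text(
        "<?php\n/*\nPlugin Name: Example Clean Plugin\nVersion: 1.0\n*/\n")
    (bad / "main.php").write_text(                   # hypothetical main file name
        "<?php\n/*\nPlugin Name: Quick Page/Post Redirect Plugin\nVersion: 5.2.1\n*/\n")
    (bad / "inc" / "updater.php").write_text(        # hypothetical file; constructed IOC line
        "<?php\n$u = 'https://anadnet.com/update';\n")
    return root


if __name__ == "__main__":
    for slug, finding in audit_plugins(build_sample_plugins()):
        print(f"{slug}: {finding}")
```

Point `audit_plugins` at the live `wp-content/plugins` path to run it for real; a version hit alone means the site should be treated as compromised, since the page notes the backdoor only fires for logged-out visitors and will not show up in an administrator's own browsing.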
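The Qinglong item above describes the miner hiding behind a dot-prefixed process name (.fullgc) that pegs the CPU. The following is an added example, not Snyk's or Qinglong's code, of the triage check an operator could run on a host: it parses `ps -eo pid,pcpu,comm,args` output and flags any process whose command name starts with a dot, whose executable lives under a scratch directory, or whose CPU share exceeds a threshold. The `ps` listing embedded below is constructed for the demo (the /ql path and the /tmp/.fullgc location are assumptions, not details from the report).

```python
"""Spot miner-style processes hiding behind dot-prefixed names such as ".fullgc".

Added example (not Snyk's or Qinglong's code). Three heuristics, any of which
flags a process: dot-prefixed command name, executable under a world-writable
scratch directory, CPU share at or above a threshold.
"""
import subprocess
from dataclasses import dataclass

SCRATCH_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")

# Constructed sample mimicking `ps -eo pid,pcpu,comm,args` on a Qinglong host.
SAMPLE_PS = """\
  PID %CPU COMMAND         COMMAND
    1  0.0 systemd         /sbin/init
  812  1.2 node            node /ql/build/app.js
 2044 97.5 .fullgc         /tmp/.fullgc
 2101  0.3 bash            bash
"""


@dataclass
class Proc:
    pid: int
    cpu: float
    comm: str
    args: str


def parse_ps(text: str) -> list:
    """Parse the four-column listing; the first line is the header and is skipped."""
    procs = []
    for line in text.splitlines()[1:]:
        parts = line.split(None, 3)
        if len(parts) < 3:
            continue
        args = parts[3] if len(parts) == 4 else ""
        procs.append(Proc(int(parts[0]), float(parts[1]), parts[2], args))
    return procs


def reasons_for(p: Proc, cpu_threshold: float) -> list:
    """Return the heuristics a process trips (empty list means it looks normal)."""
    reasons = []
    if p.comm.startswith("."):
        reasons.append("dot-prefixed command name")
    exe = p.args.split(" ", 1)[0] if p.args else ""
    if exe.startswith(SCRATCH_DIRS):
        reasons.append(f"executable under {exe.rsplit('/', 1)[0]}/")
    if p.cpu >= cpu_threshold:
        reasons.append(f"cpu {p.cpu:.1f}% >= {cpu_threshold:.0f}%")
    return reasons


def find_suspicious(procs, cpu_threshold: float = 80.0):
    """Keep only processes that trip at least one heuristic, with their reasons."""
    return [(p, r) for p in procs if (r := reasons_for(p, cpu_threshold))]


def scan_live(cpu_threshold: float = 80.0):
    """Run ps on this host and apply the same checks (not used by the demo below)."""
    out = subprocess.run(["ps", "-eo", "pid,pcpu,comm,args"],
                         capture_output=True, text=True, check=True).stdout
    return find_suspicious(parse_ps(out), cpu_threshold)


if __name__ == "__main__":
    for proc, reasons in find_suspicious(parse_ps(SAMPLE_PS)):
        print(f"pid {proc.pid} {proc.comm!r}: {'; '.join(reasons)}")
```

The CPU threshold is a tunable, not a signature; the name and location checks are the ones that catch a miner that has throttled itself below the threshold.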
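The npm item above describes two things a defender can check for directly: a stealer launched from a package's postinstall hook, and an attacker key dropped into ~/.ssh/authorized_keys. The script below is an added example, not SafeDep's or npm's code. It walks a node_modules tree and lists every package that declares a preinstall, install, postinstall or prepare script, and it compares an authorized_keys file against the set of key blobs an operator expects. The node_modules tree, the key file and the key blobs are all constructed for the demo; the package name left-pad-ish, the version 0.0.0 and the command `node ./postinstall.js` are hypothetical placeholders.

```python
"""Audit an npm install tree for lifecycle hooks and check authorized_keys for extra keys.

Added example (not SafeDep's or npm's code). Two independent checks:
  1. find_install_scripts: which packages run code at install time,
  2. unexpected_keys: which authorized_keys entries are not on the allow-list.
"""
import json
import tempfile
from pathlib import Path

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Constructed sample authorized_keys; the blobs are placeholders, not real keys.
SAMPLE_AUTHORIZED_KEYS = """\
# constructed sample
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNOWNKEYBLOB0000000000000000000000000000 ops@laptop
from="203.0.113.5" ssh-rsa AAAAB3NzaC1yc2EINTRUDERBLOB00000000000000000000000000000 root@build
"""
EXPECTED_KEY_BLOBS = {"AAAAC3NzaC1lZDI1NTE5AAAAIKNOWNKEYBLOB0000000000000000000000000000"}


def find_install_scripts(root: Path):
    """Return (package, version, hook, command) for every lifecycle script under root."""
    hits = []
    for pkg_json in sorted(root.rglob("package.json")):
        try:
            meta = json.loads(pkg_json.read_text(encoding="utf-8"))
        except (ValueError, OSError):
            continue
        scripts = meta.get("scripts") or {}
        for hook in LIFECYCLE_HOOKS:
            if hook in scripts:
                hits.append((meta.get("name", pkg_json.parent.name),
                             meta.get("version", "?"), hook, scripts[hook]))
    return hits


def unexpected_keys(authorized_keys: str, expected_blobs: set):
    """Return authorized_keys lines whose key blob is not in the expected set."""
    extra = []
    for line in authorized_keys.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # options such as from="..." may precede the key type; the blob follows the type
        for i, field in enumerate(fields):
            if field.startswith(("ssh-", "ecdsa-", "sk-")) and i + 1 < len(fields):
                if fields[i + 1] not in expected_blobs:
                    extra.append(line)
                break
    return extra


def build_sample_tree() -> Path:
    """Constructed node_modules: one clean package and one with a postinstall hook."""
    root = Path(tempfile.mkdtemp()) / "node_modules"
    clean = root / "left-pad-ish"        # hypothetical package name
    bad = root / "js-logger-pack"        # package named in the report
    for d in (clean, bad):
        d.mkdir(parents=True)
    (clean / "package.json").write_text(json.dumps(
        {"name": "left-pad-ish", "version": "0.0.0", "scripts": {"test": "node test.js"}}))
    (bad / "package.json").write_text(json.dumps(          # placeholder version and command
        {"name": "js-logger-pack", "version": "0.0.0", "scripts": {"postinstall": "node ./postinstall.js"}}))
    return root


def audit_live_authorized_keys(path: Path = Path.home() / ".ssh" / "authorized_keys",
                               expected_blobs: set = EXPECTED_KEY_BLOBS):
    """Same key check against a real file (not used by the demo below)."""
    return unexpected_keys(path.read_text(encoding="utf-8"), expected_blobs) if path.exists() else []


if __name__ == "__main__":
    for name, version, hook, cmd in find_install_scripts(build_sample_tree()):
        print(f"{name}@{version} runs {hook}: {cmd}")
    for line in unexpected_keys(SAMPLE_AUTHORIZED_KEYS, EXPECTED_KEY_BLOBS):
        print(f"unexpected key: {line}")
```

Run the first check before, not after, an install by pointing it at a freshly extracted tarball, or remove the question entirely with npm's own `ignore-scripts=true` setting in .npmrc, which disables lifecycle scripts for every package; the second check is cheap enough to run from a cron job on developer hosts.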
