![Think Like a Hacker with Wordfence show](https://d3dthqtvwic6y7.cloudfront.net/podcast-covers/000/093/948/small/think-like-a-hacker-with-wordfence.jpg)
Summary: A hosting provider exposed 63+ million customer records via an open elastic search database containing exposed username/password credentials for numerous WordPress, Magento and other sites. We also talk about the security updates in WordPress 5.5.2/5.5.3, about object injection vulnerabilities like the one discovered in the Welcart e-Commerce plugin, and how POP chain attacks work. And Google's Project Zero finds a high-severity vulnerability in GitHub Actions not fixed within the disclosure grace period.