{"id":35831,"date":"2026-04-26T11:50:48","date_gmt":"2026-04-26T18:50:48","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=35831"},"modified":"2026-04-26T11:52:06","modified_gmt":"2026-04-26T18:52:06","slug":"sb-2026-04-26","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2026\/04\/sb-2026-04-26\/","title":{"rendered":"Security Bits \u2014 26 April 2026"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/mozilla-says-claudes-mythos-ai-helped-uncover-271-flaws-in-firefox\/\">Mozilla says Claude\u2019s Mythos AI helped uncover 271 flaws in Firefox \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.macobserver.com\/news\/openai-releases-gpt-5-4-cyber-to-help-with-defensive-security\/\">OpenAI Releases GPT 5.4 Cyber to Help with Defensive Security \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/appleinsider.com\/articles\/26\/04\/15\/fcc-hands-netgear-an-effective-monopoly-on-router-sale-in-the-us\">FCC Hands Netgear an Effective Monopoly on Router Sale in the US \u2014 appleinsider.com\/\u2026<\/a> (no cybersecurity justification)<\/li>\n<li>As expected: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-rolls-out-fast-track-to-reinstate-windows-hardware-dev-accounts\/\">Microsoft rolls out fast-track to reinstate Windows hardware dev accounts \u2014 www.bleepingcomputer.com\/\u2026<\/a> (WireGuard, VeraCrypt, etc.)<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 A preliminary court ruling has enjoined Apple &amp; Google from obeying government orders to remove ICE blocking apps, but it&#8217;s not clear if this will have any real-world effect \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/26\/04\/18\/ice-monitoring-app-takedowns-violated-the-first-amendment\">appleinsider.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddee\ud83c\uddf3 India has backed down from its plan to force cellphone manufacturers to preinstall a government app with significant privacy concerns \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/26\/04\/17\/india-wont-force-apple-to-preinstall-its-state-run-app-on-iphone-after-all\">appleinsider.com\/\u2026<\/a> (initial announcement a few months ago, pulled back for &#8216;review&#8217;, now killed)<\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days\/\">Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days \u2014 www.bleepingcomputer.com\/\u2026<\/a> &amp; <a href=\"https:\/\/krebsonsecurity.com\/2026\/04\/patch-tuesday-april-2026-edition\/\">krebsonsecurity.com\/\u2026<\/a>\n<ul>\n<li>Don&#8217;t forget to patch Office, very important for Word &amp; Excel this time!<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/appleinsider.com\/articles\/26\/04\/22\/bug-fix-updates-for-ios-2642-ipados-2642-are-out-now\">Bug Fix Updates for iOS 26.4.2 iPadOS 26.4.2 Are Out Now \u2014 appleinsider.com\/\u2026<\/a> (including security fixes)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-pack2theroot-flaw-gives-hackers-root-linux-access\/\">New \u2018Pack2TheRoot\u2019 flaw gives hackers root Linux access \u2014 www.bleepingcomputer.com\/\u2026<\/a> (Affects Ubuntu &amp; Fedora among others)<\/li>\n<li>Be sure to patch Firefox: <a href=\"https:\/\/cyberinsider.com\/firefox-flaw-enables-cross-site-tracking-undermines-tor-browser-defenses\/\">Firefox flaw enables cross-site tracking, undermines Tor Browser defenses \u2014 cyberinsider.com\/\u2026<\/a> (patched)<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>A timely reminder to responsibly recycle obsolete routers: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-mirai-campaign-exploits-rce-flaw-in-eol-d-link-routers\/\">New Mirai campaign exploits RCE flaw in EoL D-Link routers \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>Apple Users:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/apple-account-change-alerts-abused-to-send-phishing-emails\/\">Apple account change alerts abused to send phishing emails \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li><em>\u201cTo conduct the attack, the threat actor creates an Apple ID and inserts the phishing message into the account&#8217;s personal information fields, splitting the text across the first and last name fields.\u201d<\/em><\/li>\n<li>This means the emails will be weirdly formatted!<\/li>\n<li>Apple should limit the length of these fields to stop entire phishing messages from fitting into them.<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>AppStore Users:<\/strong> timely reminders that none of the app stores are free from abuse:\n<ul>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/fake-developers-are-running-a-chatgpt-scam-on-the-mac-app-store\/\">Fake Developers Are Running a ChatGPT Scam on the Mac App Store \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/67-of-android-apps-log-data-not-mentioned-in-their-privacy-policies\/\">67% of Android apps log data not mentioned in their privacy policies \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Something to consider before using X&#8217;s new messaging app: <a href=\"https:\/\/cyberinsider.com\/xchat-launches-standalone-ios-app-as-security-concerns-remain\/\">XChat launches standalone iOS app as security concerns remain \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>Hallmark, McGraw Hill, &amp; Amtrak Users:<\/strong> three corporations have suffered data breaches that contain physical addresses, have not been transparent with their users, but the data sets have been uploaded to <a href=\"https:\/\/haveibeenpwned.com\/\">Have-I-Been-Pwned<\/a>:\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/hallmark-data-breach-exposed-information-of-1-7-million-accounts\/\">Hallmark data breach exposed information of 1.7 million accounts \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Breach details \u2014 <a href=\"https:\/\/haveibeenpwned.com\/Breach\/Hallmark\">Have-I-Been-Pwned<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/data-breach-at-edtech-giant-mcgraw-hill-affects-135-million-accounts\/\">Data breach at edtech giant McGraw Hill affects 13.5 million accounts \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>Breach details \u2014 <a href=\"https:\/\/haveibeenpwned.com\/Breach\/McGrawHill\">haveibeenpwned.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/amtrak-data-breach-exposed-information-of-2-1-million-accounts\/\">Amtrak data breach exposed information of 2.1 million accounts \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Breach Details \u2014 <a href=\"https:\/\/haveibeenpwned.com\/Breach\/Amtrak\">haveibeenpwned.com\/\u2026<\/a><\/li>\n<li>Biggest risk is targeted phishing, but extra potent threat due to <strong>physical addresses<\/strong> matching the digital details<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Notion Users with Public Pages:<\/strong> <a href=\"https:\/\/cyberinsider.com\/notion-pages-have-leaked-user-data-via-an-unauthenticated-api-since-2022\/\">Notion pages have leaked user data via an unauthenticated API since 2022 \u2014 cyberinsider.com\/\u2026<\/a> (related to just one feature that I&#8217;m not sure is used by many NosillaCastaways?) <strong>Allison and Jill both use this!<\/strong><\/li>\n<li>\u26a0\ufe0f <strong>Obsidian Users:<\/strong> don&#8217;t open vaults shared by people you don&#8217;t know you can trust \u2013 <a href=\"https:\/\/thehackernews.com\/2026\/04\/obsidian-plugin-abuse-delivers.html\">Obsidian Plugin Abuse DeliversPHANTOMPULSE RAT in Targeted Finance, Crypto Attacks \u2014 thehackernews.com\/\u2026<\/a> (social engineering, not vulnerability)<\/li>\n<li>\u26a0\ufe0f <strong>Carnival Cruise Customers:<\/strong> unconfirmed reports of a data breach that could be especially dangerous for customers with up-coming cruises booked \u2014 <a href=\"https:\/\/cyberinsider.com\/carnival-corporation-probes-data-breach-after-claims-of-8-7m-records-theft\/\">cyberinsider.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>Fiverr Users:<\/strong> <a href=\"https:\/\/cyberinsider.com\/fiverr-exposes-sensitive-data-via-public-urls-indexed-by-google\/\">Fiverr exposes sensitive data via public URLs indexed by Google \u2014 cyberinsider.com\/\u2026<\/a> (no response from the company \ud83d\ude41)<\/li>\n<li><strong>Bitwarden CLI Users:<\/strong> <a href=\"https:\/\/cyberinsider.com\/bitwarden-cli-backdoored-in-checkmarx-supply-chain-attack\/\">Bitwarden CLI backdoored in Checkmarx supply chain attack \u2014 cyberinsider.com\/\u2026<\/a> (only relevant if you installed the optional extra CLI app)\n<ul>\n<li>No patch yet, so <strong>stop using the CLI for now<\/strong>!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>\ud83c\uddea\ud83c\uddfa <a href=\"https:\/\/cyberinsider.com\/eus-official-age-verification-app-found-exposing-sensitive-user-data\/\">The EU have started public testing of the privacy-preserving age verification service<\/a>\n<ul>\n<li>Conceptually sound, based on solid cryptographic concepts that ensure the site gets a verifiable assertion that the user is over the required age, but no other information about them<\/li>\n<li>The technical implementation is off to a rough start \u2014 lots more work to be done!<\/li>\n<li>This was a beta release designed to open the app to testing before a real release, so this is the process working as it should, but, perhaps foolishly, EU President Ursula von der Leyen overhyped the release in a big press briefing!<\/li>\n<\/ul>\n<\/li>\n<li>\ud83e\uddef <a href=\"https:\/\/www.macobserver.com\/news\/hackers-trick-apple-airtags-into-showing-completely-fake-locations\/\">Hackers Trick Apple AirTags Into Showing Completely Fake Locations \u2014 www.macobserver.com\/\u2026<\/a>\n<ul>\n<li><strong>Does not impact the AirTag&#8217;s only supported use case \u2014 list item finding!<\/strong><\/li>\n<li>Requires physical proximity to the tag for a long time \u2014 simply relays the tag&#8217;s rotating Bluetooth beacons to a remove device so it can be rebroadcast there and then registered by other passing iPhones at that wrong location<\/li>\n<li>Interesting research, but appears to have no practical use \u2014 a thief who would be motivated to do this would need to know the tag was there, and decide this was a better solution to the item they stole having a tracker than simply taking the battery out of the tracker!<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\uddec\ud83c\udde7 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/uk-probes-telegram-teen-chat-sites-over-csam-sharing-concerns\/\">UK probes Telegram, teen chat sites over CSAM sharing concerns \u2014 www.bleepingcomputer.com\/\u2026<\/a> (by independent communications regulator Ofcom)<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/tor-vpn-for-android-security-audit-confirms-robust-design\/\">Tor VPN for Android security audit confirms robust design \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Some nice upcoming cybersecurity enhancements:\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-adds-windows-protections-for-malicious-remote-desktop-files\/\">Microsoft adds Windows protections for malicious Remote Desktop files \u2014 www.bleepingcomputer.com\/\u2026<\/a> (interrupts automatic sharing of local folders to remote computers with a confirmation dialogue \u2014 a very useful feature now commonly abused in scams, so a good response)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/windows-update-gets-new-controls-to-reduce-forced-restarts\/\">Windows Update gets new controls to reduce forced restarts \u2014 www.bleepingcomputer.com\/\u2026<\/a> (in beta on the Windows Insiders program now)<\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-rolls-out-revamped-windows-insider-program\/\">Microsoft rolls out revamped Windows Insider Program \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>An important Google Search update: <a href=\"https:\/\/developers.google.com\/search\/blog\/2026\/04\/back-button-hijacking\">Introducing a new spam policy for &#8220;back button hijacking&#8221; \u2014 developers.google.com\/\u2026<\/a> (About time!)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/google\/google-expands-gemini-ai-use-to-fight-malicious-ads-on-its-platform\/\">Google expands Gemini AI use to fight malicious ads on its platform \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/apple-plans-stricter-network-security-rules-for-os-27-updates\/\">Apple Plans Stricter Network Security Rules for OS 27 Updates \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>Only relevant if you manage Macs with Mobile Device Management (MDM) using a service like Jamf, Apple Business, or Microsoft Intune<\/li>\n<li>Apple are simply enforcing recent versions of TLS\/SSL, given how critical MDM security is, this should affect no one, but alas, it will probably break some <em>working<\/em> (and irresponsibly insecure) setups, likely in smaller organisations.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Top Tips<\/h2>\n<aside class=\"small-aside\">Tips, tricks, or advice that are likely to be useful to the NosillaCast audience or the family members and friends whose IT they support.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.cultofmac.com\/how-to\/forgot-iphone-passcode\">Save your iPhone by unlocking with an old passcode \u2014 www.cultofmac.com\/\u2026<\/a>\n<ul>\n<li><strong>By default<\/strong>, you can use your old passcode for 72 hours to recover your account if you forget your new one!<\/li>\n<li>There is a corollary to this useful feature reminder \u2014 if you <strong>need<\/strong> to reset your password to lock someone unwanted out of your phone, you <strong>must invalidate the old password immediately<\/strong>!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/what-is-vishing\/\">What Is Vishing? How Voice Scams Work and How to Spot Them \u2014 www.intego.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Interesting Insights<\/h2>\n<aside class=\"small-aside\">High-quality opinion and editorial content recommended by Bart.<\/aside>\n<ul>\n<li>Agentic AI that actually make sense to me: <a href=\"https:\/\/www.troyhunt.com\/heres-what-agentic-ai-can-do-with-have-i-been-pwneds-apis\/\">Here&#8217;s What Agentic AI Can Do With Have I Been Pwned&#8217;s APIs \u2014 www.troyhunt.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Bart:<\/strong>\n<ul>\n<li>\ud83c\udfa6 <a href=\"https:\/\/apod.nasa.gov\/apod\/ap260422.html\">NASA Astronomy Picture of the Day for 22 April 2026: Earthset with an iPhone \u2014 apod.nasa.gov\/\u2026<\/a><\/li>\n<li>\ud83d\udda5\ufe0f <a href=\"https:\/\/tidbits.com\/2026\/04\/20\/vidbits-matt-sephtons-wall-of-tiny-apps\/\">VidBITS: Matt Sephton\u2019s Wall of Tiny Apps \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li>Suite of little <em>Tim Verpoorten<\/em> Apps from a developer who scratched their own itches for years, and has finally released all his little <em>does one thing<\/em> apps to the Mac\/iOS AppStores<\/li>\n<li>No one is likely to want all of them, but everyone is likely to find something useful in there! (for me it was the USB device debugger that shows the physical layout of your USB hubs and devices)<\/li>\n<\/ul>\n<\/li>\n<li><strong>From Allison<\/strong>:\n<ul>\n<li>Want another chance to tear up over how important it was that we sent humans to the moon? A dramatic reading of a writing called &#8220;Copy, Moon Joy&#8221; by Anna Lisa: <a href=\"https:\/\/podfeet.slack.com\/archives\/CDD96SGSD\/p1776968379340659\">podfeet.slack.com\/&#8230;<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to, when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. Mozilla says Claude\u2019s Mythos AI helped uncover 271 flaws in Firefox \u2014 cyberinsider.com\/\u2026 Related: OpenAI Releases GPT 5.4 Cyber to Help with Defensive Security \u2014 www.macobserver.com\/\u2026 \ud83c\uddfa\ud83c\uddf8 FCC Hands Netgear an Effective Monopoly on [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[170,8148,50,569,2003],"class_list":["post-35831","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-hack","tag-leaks","tag-security","tag-security-bits","tag-vulnerabilities"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=35831"}],"version-history":[{"count":1,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35831\/revisions"}],"predecessor-version":[{"id":35832,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35831\/revisions\/35832"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=35831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=35831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=35831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}