The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
SecurityWeek

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...
The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Tech Times

WordPress Email Plugin Flaw Triggers 17 Million Attacks: Gravity SMTP Leaks Live API Keys

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
SiliconANGLE

API and bot attacks cost businesses $186M annually, new report finds

A new report out today from Imperva Inc., a Thales company, is warning that vulnerable application programming interface and bot attacks are costing businesses up to $186 billion annually as incidents ...
The Next Web

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

Google identified the first zero-day exploit it believes was developed with AI and thwarted a planned mass exploitation event. The GTIG report documents state-sponsored actors from China, North Korea, ...
CoinDesk

SwissBorg’s SOL Earn Wallet Exploited for $41.5M After Partner's API Is Compromised

Crypto exchange SwissBorg said about 192,600 SOL ($41.5 million) was stolen from an external wallet used exclusively for its SOL Earn strategy on Monday. The exploit stemmed from a partner's ...
Benzinga.com

Securing APIs at Scale: Why Businesses Need Dedicated API Protection

APIs (Application Programming Interfaces) have become the backbone of modern software ecosystems. They enable seamless communication between applications, services, and systems, driving innovation and ...
dbta

New Product Integration Lends Salt Security’s Adaptive API Protection to CrowdStrike Falcon NG-SIEM

Salt Security, a leading API security company, is announcing a new collaboration with CrowdStrike that focuses on protecting APIs from evolving attacks while addressing the need for integrated ...