Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. The flaw is tracked as CVE-2026-4020 and received a ...
How I stopped a massive WordPress spam attack with 4,700 lines of code in two days - thanks to Codex and Claude ...
Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Operation Endgame malware takedown seized 326 servers, froze $47M in criminal cryptocurrency, and recovered 27 million stolen ...
Spread the love“`html With WordPress powering over 40% of all websites on the internet, it has become a prime target for cybercriminals. One of the most common methods of attack is through brute force ...
Spread the love“`html 7 Essential Ways to Hide Your WordPress Version and Enhance Security In the ever-evolving world of web development, securing your website is of utmost importance. One effective ...
Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
A recent attack compromised over 30 WordPress plugins through a backdoor acquired by purchasing the original developers. This ...
A vulnerability in the popular Ultimate Member WordPress plugin enables account takeover by exposing password reset links.
This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...