The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
Tech Times

WordPress Email Plugin Flaw Triggers 17 Million Attacks: Gravity SMTP Leaks Live API Keys

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
latesthackingnews.comOpinion

The ASLR Caveat on NGINX’s Critical HTTP/3 Flaw Changes Nothing About Urgency

CVE-2026-42530, the NGINX HTTP/3 vulnerability rated CVSS 9.2, is collecting dismissals because exploitation requires ASLR to ...
The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Developer Tech

ONLYOFFICE Docs Developer: Secure document editing in your own app

Secure document editing in your own app. ONLYOFFICE Docs Developer equips web applications with secure, latency-free document ...
Developer Tech

JetBrains marketplace malware exposes developer API keys

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...
techtimes

Claude Outage Tops 8,000 Reports: Agentic Pipeline Failures Mount Before Anthropic IPO

Anthropic's Claude platform went down for tens of thousands of users on Tuesday, June 23, as Downdetector reports surged past 8,000 in the United States alone — the latest in a documented run of ...
Analytics Insight

How Hackers Operate: The Tools Behind Real-World Cybersecurity Testing

Overview:Ethical hackers follow the seven-phase Penetration Testing Execution Standard (PTES), moving from intelligence ...

Multiple plugins for JetBrains IDEs steal API keys for OpenAI, DeepSeek & Co.

At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised ...
TMCnet

Beyond Announces AI Innovations to Empower Property Managers & Grow Revenue

Neyoba, Beyond's AI pricing assistant, has quickly become one of the platform's most-used features after being launched in late 2025. In its first six months, more than 15 thousand hosts and property ...