Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

CVE-2026-42530, the NGINX HTTP/3 vulnerability rated CVSS 9.2, is collecting dismissals because exploitation requires ASLR to ...

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...

At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised ...

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...

Grab's security team built Palana, a Kubernetes-native secure execution platform, to run autonomous AI agents safely. Unlike ...

The next generation of the Model Context Protocol (MCP) enables enterprise-scale AI deployments but shifts critical security ...

Akamai today revealed a raft of cybersecurity weaknesses in the latest specification for the Model Context Protocol (MCP) that is widely used by ...

ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, ...