Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. The vulnerability, tracked ...

Three popular plugins served malicious JavaScript through a compromised CDN.

Starting on June 11, 2026, the Arch User Repository (AUR) was targeted by malware which rapidly compromised over 1,500 packages. The AUR repository allows for abandoned community packages to be taken ...

The Twitter API is more than just a gateway to tweets; it’s a powerful tool that enables developers to access Twitter data and integrate its functionalities into their applications. This Twitter API ...

Spread the love“`html If you’ve ever found yourself locked out of your WordPress site, you know how frustrating it can be to reset your WordPress admin password. Whether you’ve forgotten it, or it has ...

Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited ...

A vulnerability in the popular Ultimate Member WordPress plugin enables account takeover by exposing password reset links.

Credential theft surged by 160% in 2025, contributing to one in five data breaches as attackers employed AI-driven attacks to bypass traditional defenses. The challenge for security teams has evolved ...