Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Daniel Costa is the director of immigration law and policy research at the Economic Policy Institute, and a visiting scholar at the University of California, Merced. He is on Twitter. Updated ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Update: Added statement from Microsoft to the end of this article. A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft fixed two ...
DB Insurance Co., Ltd. engages in the business of providing non-life insurance services. It operates through the following businesses: Insurance, Loan, and Other Services. The Insurance business ...