The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
PCMag

I Traced My Leaked Email Address to the Dark Web. Here's How It Got There

After AI-powered scams overwhelmed my inbox, I investigated how my email address ended up on the dark web—and discovered the ...
The Next Web

Mastodon adds email newsletters so people who don’t want an account can still follow creators on the open social web

Mastodon 4.6 lets creators send posts to email subscribers who don't have fediverse accounts. The feature targets institutions and independent publishers.

Mastodon looks to newsletters to help revive the open social web

Mastodon’s newly launched newsletter feature lets anyone subscribe to creators by email, even without a Mastodon account.