Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS ...
WPVibe WordPress plugin makes it easy and safe to connect virtually any AI to a WordPress site and safely edit virtually ...
How I stopped a massive WordPress spam attack with 4,700 lines of code in two days - thanks to Codex and Claude ...
Three popular plugins served malicious JavaScript through a compromised CDN.
In WordPress theme development, functions.php is not a universal file. If you keep writing code there just because "it works," functions.php will quickly become bloated. An even bigger problem is ...
Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial ...