Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

Prosecutors have charged the chief engineer of the cargo ship Dali in connection with the 2024 collapse of Baltimore’s ...

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...

Aikido Security found at least 15 integrated development environment (IDE) plugins on the JetBrains Marketplace which had ...

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...

Did Donald Trump's Truth Social account really make a post about an API service being unavailable, implying that AI writes ...

Getting used to pressing the Command key instead of Control on a Mac may be one of the most difficult things to adapt to when switching from a Windows computer to something like an M2 Macbook Air. The ...

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...

Data API Builder helps developers expose database objects through REST and GraphQL without building extensive custom data access code. Steve Jones' Visual Studio Live! San Diego 2026 session will show ...

Web infrastructure provider Vercel disclosed a security breach that may have exposed customer API keys, prompting crypto projects to rotate credentials and review their code. Vercel traced the ...