Wordfence blocked 17M+ attempts to exploit a Gravity SMTP bug that leaks API keys and system data from WordPress sites without authentication. Attackers are actively exploiting a vulnerability in the ...
A security flaw in the Gravity SMTP WordPress plugin has drawn more than 17 million automated exploit attempts since early May 2026 — and every site that ran an unpatched version while those attacks ...
Oliver Sild, founder of Patchstack WordPress security company, shared concerns about the security of AI API keys in WordPress 7.0, sharing that there “will be an absolute rush by hackers to steal API ...
WordPress 7.0 "Armstrong," released May 20, 2026, arrived without the real-time collaborative editing feature that had been its stated centerpiece for months — and within two days of launch, a ...