The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
CNET

Is That Call, Text or Email Real? Here’s How to Identify Scams

A suspicious username, often similar to a real username (like “contact12” for a scammer impersonating a company’s customer ...
The Next Web

Mastodon adds email newsletters so people who don’t want an account can still follow creators on the open social web

Mastodon 4.6 lets creators send posts to email subscribers who don't have fediverse accounts. The feature targets institutions and independent publishers.