Sat, Jun 20 09:08 PM

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

TNW•Sat, Jun 20, 2026, 04:56 PM•2 min read

Attackers are actively exploiting a vulnerability in the Gravity SMTP WordPress plugin that exposes API keys, OAuth tokens, and detailed system configuration data to anyone who sends a single unauthenticated HTTP request.

Source: [TNW](https://thenextweb.com/news/gravity-smtp-wordpress-plugin-vulnerability-cve-2026-4020-api-keys-exploit)

📰 Read Full Story

This is an aggregated headline summary. For the complete report, visit the original publisher.

Continue Reading at TNW ↗

#tech #wordpress #exploiting #gravity #smtp #flaw #api #keys #hackers

More Headlines

TechnologyHacker News• 6m ago

A Day with Laravel #59 – Hand-curated Laravel packages, tutorials and trends

1 points, 1 comments on Hacker News

TechnologyHacker News• 7m ago

Show HN: LoopFlow – loop engineering for Claude Code

1 points, 0 comments on Hacker News

TechnologyHacker News• 8m ago

Linux Eliminates the Strncpy API After Six Years of Work, 360 Patches

1 points, 0 comments on Hacker News

TechnologyHacker News• 11m ago

You're Accountable for the Team. You're Not in Charge of It

1 points, 1 comments on Hacker News

TechnologyDev.to• 12m ago

The Imitation Mandala

This is a submission for the June Solstice Game Jam What I Built The Imitation Mandala is an interactive, generative 3D art ecosystem and narrative simulation. The game draws inspiration from Alan Turing’s legendary 1952 scientific paper on Morphogenesis —the mathematical equations behind how pa...

TechnologyHacker News• 15m ago

The UK will scan asylum seekers' faces for age checks

2 points, 0 comments on Hacker News