Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild
A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities
IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application
Flaw Bypasses Clickjacking Defenses, Enables Account TakeoversHackers are exploiting the split-second delay between two mouse clicks to carry out sophisticated clickjacking attacks, tricking victims into authorizing transactions or granting access they never intended. "DoubleClickjacking" manipulates users into granting OAuth and API permissions
Misconfigurations, weak authentication and logic flaws are among the main drivers of API security risks at many organizations.
An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.