Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

An inexperienced hacker managed to compromise over a dozen companies using AI agents to do most of the work, raising real ...

Security researchers have uncovered a series of cyberattacks targeting Apple customers across the world. The tools used in these hacking campaigns have been dubbed Coruna and DarkSword, and they have ...

What happened Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on more than 100,000 WordPress ...

Privacy blockchain Namada has lost roughly $600,000 in an exploit, wiping nearly all value from its multi-asset shielded pool ...

The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...

Hackers infiltrated Polymarket’s website via a compromised third-party vendor, the company said, swiping millions in crypto ...

Security researchers turned the chatbot into a "one-click data exfiltration weapon." The post Microsoft’s Copilot AI Caught ...

Foom Cash lost $2.26 million in an exploit tied to a Groth16 verifier misconfiguration, but a white hat recovered $1.84 million of the funds. A white hat hacker helped Foom Cash recover most of the ...

June 11 (Reuters) - Alphabet's cybersecurity unit Mandiant and Google Threat Intelligence Group said Thursday they had ...

Meta’s AI support chatbot reportedly exploited in Instagram account takeover hack, raising concerns over AI-driven security and account recovery systems ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Not all zero-day threat stories are worth getting unduly ...