The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
LinkedIn

WordPress REST API Authentication Methods Explained

Understanding how to authenticate WordPress REST API requests is essential for building secure, modern applications that interact with WordPress programmatically. The complete guide covers all major ...
Security Boulevard

WordPress Authentication Best Practices

WordPress powers over 40% of the web, making it a prime target for cyberattacks. Weak authentication leaves sites vulnerable to brute-force attacks, unauthorized access, and data breaches.
The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Yahoo Finance

AwareID Plug-In for WordPress Makes Biometric Authentication Available on WordPress Marketplace

BURLINGTON, Mass., Oct. 22, 2024 (GLOBE NEWSWIRE) -- In an effort to make biometric authentication more readily accessible to businesses, Aware, Inc. (NASDAQ: AWRE) has launched AwareID, its ...
GitHub

rest-api.md

Access to all Abilities REST API endpoints requires an authenticated user (see the Authentication section). Access to execute individual Abilities is restricted based on the permission_callback() of ...