Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.

At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised ...

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...

Anthropic has taken another step toward making AI agents genuinely autonomous infrastructure rather than chat sessions that die when you close the tab. On June 9, 2026, the company announced that ...

New solution replaces static, permanent API keys with dynamic, revocable, least-privilege credentials designed to ...

What actually changed wasn't automation.

I can use virtually every language, speech, image, and video model with one API key.