The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
CSOonline

SMTP smuggling enables email spoofing while passing security checks

Security researchers have found inconsistencies in how some Simple Mail Transfer Protocol (SMTP) servers handle end-of-data sequences. This allows the injection of SMTP commands into email messages in ...