The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
CPO Magazine

API Vulnerability Could Have Let Attackers Hijack FIFA World Cup Broadcast Streams

A API vulnerability documented by independent security blogger "bobdahacker" created a path to replacing the FIFA World Cup ...

Instagram accounts continue to be hacked as hackers claim Meta only removed a UI button

Meta AI loophole continues to allow hackers to hijack Instagram accounts. Reports claim Meta's fix failed to secure the backend.
Crowdfund Insider

CertiK Hack Analysis: API Private Key Compromise Led to Kronos Research Losing $26M

On 18 November 2023, Kronos Research announced, via social media platform X, that unauthorized access to their API resulted in “a loss of approximately $26 million.” As noted in an update shared by ...