https://cybercrime.club/tags/wordfence/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSat, 20 Jun 2026 23:09:32 -0400https://cybercrime.club/posts/gravity-smtp-cve-2026-4020-wordpress-api-key-disclosure/Sat, 20 Jun 2026 23:09:32 -0400https://cybercrime.club/posts/gravity-smtp-cve-2026-4020-wordpress-api-key-disclosure/Attackers are mass-exploiting CVE-2026-4020 in the Gravity SMTP WordPress plugin to dump site config and third-party email provider API keys. Patch to 2.1.5 and rotate every key now.vulnerabilities