The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
Morning Overview on MSN

The FTC warns a fake CAPTCHA box can install malware the moment you click to prove you’re human

Anyone who has clicked a checkbox to confirm they are not a robot may now be one keystroke sequence away from handing over their email credentials to criminals. The Federal Trade Commission announced ...
note

To avoid ending the workday feeling 'vaguely busy,' I created a work time log using local HTML

When doing daily work, you might feel this way at the end of the day. I feel like I was quite busy today. But it's hard to explain what I spent my time on and for how long. Project tasks, meetings, ...