The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Macworld

How to recover deleted notes in the Notes app

You may use the Notes app as a catchall for all kinds of scraps of thoughts, lists, long entries, shared financial details with family members, and much more. Apple lets you sync note entries across ...