The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
The Next Web

Mastodon adds email newsletters so people who don’t want an account can still follow creators on the open social web

Mastodon 4.6 lets creators send posts to email subscribers who don't have fediverse accounts. The feature targets institutions and independent publishers.

Mastodon looks to newsletters to help revive the open social web

Mastodon’s newly launched newsletter feature lets anyone subscribe to creators by email, even without a Mastodon account.