Gravity SMTP Exploit Puts WordPress Mail API Keys at Risk
Attackers are actively exploiting CVE-2026-4020 in the Gravity SMTP WordPress plugin, a flaw that can expose mail-service API keys, OAuth tokens, plugin versions, and server details. Site owners should update to Gravity SMTP 2.1.5 or later, check logs, and rotate affected email credentials.
Apple’s Beats Studio Buds Patch Fixes a Bluetooth Eavesdropping Risk
Apple’s Beats Firmware Update 1B211 fixes CVE-2025-20701, a Bluetooth pairing flaw that could let a nearby attacker listen through unpaired Beats Studio Buds while they are seeking pairing requests. Here is what changed and how to check your firmware.
AWS AgentCore Turns Enterprise AI Agents Into an Operations Stack
AWS used its New York Summit to expand Bedrock AgentCore, launch AWS Context and AWS Continuum, and push AI agents deeper into enterprise operations. The real story is not another chatbot layer, but a managed stack for grounding, governing, testing, and remediating agent behavior.
Unreal Engine 6 Turns Fortnite Into Epic’s Test Bed for Portable Games
Epic’s Unreal Engine 6 roadmap merges UE5 and UEFN, moves gameplay toward Verse, and uses Fortnite cosmetics as the first test of portable game assets. The plan could reshape game development, but adoption, AI tooling, and creator-economy incentives remain open questions.
AWS WAF Gives Publishers a Way to Charge AI Bots at the Edge
AWS WAF now lets CloudFront publishers charge AI bots and agents per request using HTTP 402, x402 payments, Coinbase settlement, and stablecoins. The launch turns AI crawler access into an edge-security and machine-payments problem.
SearchLeak Shows How Microsoft 365 Copilot Search Can Become a Data Leak
Varonis disclosed SearchLeak, a patched Microsoft 365 Copilot Enterprise Search vulnerability chain that could turn one trusted-looking Microsoft link into a path for stealing emails, files, calendar data, and MFA codes.
Dream’s $260M Round Turns Sovereign AI Into Cyber Infrastructure
Dream raised $260 million at a $3 billion valuation for sovereign AI and cyber defense systems built for governments. The deal shows how national AI infrastructure and critical-infrastructure security are becoming the same market.
SandboxAQ’s $500M CHIPS Award Moves AI Into Chip Materials
The Commerce Department awarded SandboxAQ $500 million to use physics-based AI for semiconductor materials discovery. The target is not a new chip, but the chemicals, magnets, catalysts, and backup-power systems that fabs need to run.
Apple-Intel Chip Claim Puts Intel Foundry’s 18A-P Test in Public View
President Trump says Apple has agreed to work with Intel on U.S.-made chips, but Apple and Intel have not announced a signed foundry deal. The real test is whether Intel’s 18A-P process can move from risk production to Apple-grade yield, volume, and product trust.
ASML Denies EUV Machine Reached China as U.S. Chip Controls Tighten
U.S. officials reportedly raised concerns that ASML EUV-related equipment may have reached China, a claim ASML denies. The dispute shows why chipmaking tools, servicing, and allied export controls are becoming central to the AI hardware race.