Cybersecurity Research

Vulnerabilities and Exploits

CVE-2026-4020: Gravity SMTP WordPress Plugin – Sensitive Information Exposure

by
CVE-2026-4020 GravIty SMTP WordPress PlugIn SensItIve InformatIon Exposure

Introduction A severe security crisis recently emerged within the WordPress ecosystem involving Gravity SMTP, a widely adopted plugin designed to streamline outbound email delivery. Tracked as CVE-2026-4020, this unauthenticated sensitive information exposure vulnerability has rapidly transitioned from a theoretical risk to an active, widespread threat vector. As attackers increasingly weaponize automation to scan the modern web, leading cybersecurity firms, including Wordfence, have documented

Continue Reading →
Vulnerabilities and Exploits

CVE-2026-20253 – Splunk Enterprise Unauthenticated Arbitrary File Vulnerability

by

Introduction In modern enterprise environments, Splunk sits at the heart of cyber defense architectures, serving as a central hub for log management, SIEM, and data analytics. However, the very platforms deployed to monitor and protect infrastructures can sometimes introduce severe security risks, effectively turning a defensive tool into a primary attack vector. A security advisory released by Splunk in June 2026 exposed a

Continue Reading →
Python Projects

Phone Numbers with OSINT: A Practical Guide Python

by
Extracting Information from Phone Numbers with OSINT A Practical Guide

Introduction Extracting information from phone numbers is crucial in cybersecurity and Open-Source Intelligence (OSINT) investigations. This process can reveal valuable details such as geographical locations, operators, and other important information. Phone number analysis is used by cybersecurity professionals to identify threats and by law enforcement to track criminals. This article will guide you on how to extract valuable information from phone numbers

Continue Reading →