The Hacker News | Biggest Information Security Channel

Google App Engine — More than 30 Vulnerabilities Discovered

Security researchers have discovered a number of critical vulnerabilities in the Java environmen...
AliExpress WebSite Vulnerability Exposes Millions of Users' Private Information

A critical, but easily exploitable personal information disclosure vulnerability has been discov...
Yahoo Quickly Fixes SQL Injection Vulnerability Escalated to Remote Code Execution

Yahoo! was recently impacted by a critical web application vulnerability which left website...
Avira Vulnerability Puts Users' Online Backup Data At Risk

A popular Anti-virus software Avira that provides free security software to its customers with ...
How to Detect SQL Injection Attacks

SQL Injection (SQLi) attacks have been around for over a decade. You might wonder why they are ...
Hacking Fiverr.com Accounts — Vulnerability Puts $50 Million Company At Risk

Fiverr.com, a global online marketplace which provides a platform for people to sell their servi...
Flickr Cross-Site Request Forgery Vulnerability Patched

Yahoo-owned Flickr, one of the biggest online photo management and sharing websites in the world was ...
Jobvite Recruitment Service Website Vulnerable to Hackers

Jobvite, a recruiting platform for the social web, is found vulnerable to the most common, but ...
MediaWiki Remote Code Execution vulnerability leaves Wikipedia open for Cyber attacks

The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of...
Yahoo fixes Critical Remote Command Execution vulnerability

Cyber Security Expert and Penetration tester, Ebrahim Hegazy has found a serious vulnerability ...
Hacker demonstrated 'Remote Code Execution' vulnerability on EBay website

A German Security researcher has demonstrated a critical vulnerability on Ebay website, world'...
Thousands of websites based on Ruby on Rails vulnerable to Cookie Handling flaw

Ruby on Rails contains a flaw in its design that may allow attackers to more easily access applicati...
Hacker stole $100,000 from Users of California based ISP using SQL Injection

In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, ...
Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers

Hackers are focusing on vulnerabilities in the PHP web application development platform threaten...
Microsoft's Social network Yammer vulnerable to OAuth Bypass hack

Yammer is the Enterprise Social Network service that was launched in 2008 and sold to Micro...
LinkedIn Clickjacking vulnerability tricks users to spam links

A Clickjacking vulnerability existed on LinkedIn that allowed an attacker to trick users for sharin...
Vulnerability in Whatsapp messenger media server

If you own an iPhone or an Android device, then the chances are high that you're familiar wit...
Drupal resets 1 Million Passwords after Data Breach

A Drupal data breach was announced by the official Drupal Association, that Passwords for almost on...
Upgrade ModSecurity to version 2.7.4 for fixing Denial of Service Vulnerability

ModSecurity is an open source web application firewall. It provides protection from a range of atta...
SSH Backdoor accounts in multiple Barracuda Products

Firewall, VPN and spam filtering products from Barracuda Networks contain hidden hard-coded backd...