#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

CAPTCHA bypass | Breaking Cybersecurity News | The Hacker News

Category — CAPTCHA bypass
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub

Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub

Jan 06, 2023 Cryptocurrency / GitHub
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of cloud resources in order to perform their crypto mining operations," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist  said . PURPLEURCHIN first came to light in October 2022 when Sysdig  disclosed  that the adversary created as many as 30 GitHub accounts, 2,000 Heroku accounts, and 900 Buddy accounts to scale its operation. Now according to Unit 42, the cloud threat actor group created three to five GitHub accounts every minute at the height of its activity in November 2022, totally setting up over 130,000 bogus accounts across Heroku, Togglebox, and GitHub. More than 22,000 GitHub accounts are estimated to have been created between September and No...
Snapchat's new Security feature Hacked in 30 Minutes; CAPTCHA Cracking tool published

Snapchat's new Security feature Hacked in 30 Minutes; CAPTCHA Cracking tool published

Jan 25, 2014
Snapchat suffered a massive data breach back in December in which 4.6 million usernames and phone numbers were compromised. Earlier this month, the company launched an update to its iOS and Android apps, added a new security measure to ensure that new users aren't spambots or a robot. While signing up for the first time, it now displays nine images and then ask you to pick which images have a " ghost ". Within 24 hours of Snapchat releasing an improved security feature, a developer has written a computer program capable of cracking it. Another hacker, ' Steven Hickson ' took only 30 minutes to write a script that can crack this new security feature. In this CAPTCHA feature, basically have you choose from amongst a bunch of images, identifying the ones that have the Snapchat ghost to prove you are a person. " The problem with this is that the Snapchat ghost is very particular. You could even call it a template. For those of you familiar with template m...
What Is Attack Surface Management?

What Is Attack Surface Management?

Feb 03, 2025Attack Surface Management
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker's perspective has never been more important. In this guide, we look at why attack surfaces are growing and how to monitor and manage them properly with  tools like Intruder . Let's dive in. What is your attack surface? First, it's important to understand what we mean when we talk about an attack surface. An attack surface is the sum of your digital assets that are 'reachable' by an attacker – whether they are secure or vulnerable, known or unknown, in active use or not. You can also have both internal and external attack surfaces - imagine for example a malicious email attachment landing in a colleague's inbox, vs a new FTP server being...
Expert Insights / Articles Videos
Cybersecurity Resources