#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

GoDaddy Hosting | Breaking Cybersecurity News | The Hacker News

Category — GoDaddy Hosting
GoDaddy Vulnerability Allows Domain Hijacking

GoDaddy Vulnerability Allows Domain Hijacking

Jan 21, 2015
An Internet domain registrar and web hosting company GoDaddy has patched a Cross-Site Request Forgery ( CSRF or XSRF) vulnerability that allowed hackers and malicious actors to hijack websites registered with the domain registration company. The vulnerability was reported to GoDaddy on Saturday by Dylan Saccomanni, a web application security researcher and penetration testing consultant in New York. Without any time delay, the company patched the bug in less than 24 hours after the blog was published. While managing an old domain registered on GoDaddy, Saccomanni stumbled across the bug and noticed that there was absolutely no protection against CSRF vulnerability at all on many GoDaddy DNS management actions. Cross-Site Request Forgery (CSRF) is a method of attacking a website in which an attacker need to convince the victim to click on a specially crafted HTML exploit page that will make a request to the vulnerable website on their behalf. This common but rathe...
Syrian Electronic Army Hacks UK based Media Websites

Syrian Electronic Army Hacks UK based Media Websites

Nov 27, 2014
Syrian Electronic Army (SEA) , a pro-hacker group supposed to be aligned with Syrian President Bashar al-Assad has again gain media attention by compromising a number of popular news websites and displayed a Thanksgiving popups informing people that they've been hacked. The Forbes, The Independent, The Chicago Tribune , The Daily Telegraph , The London Evening Standard, broadcaster CNBC, PC World and the US National Hockey League were among those popular websites affected by the group. This time they apparently targeted a third-party widget that is used by all those compromised websites. It is being reported that the hacker group found a way into registrar GoDaddy to compromise DNS records for the Gigya , a customer identity management platform used by all the sites. Although all site visitors were not affected by the attack, but some visitors using a line of Javascript were redirected to SEA web pages with the message " You've been hacked by the Syrian Elec...
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Jan 06, 2025SaaS Security / Threat Detection
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024 ). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout players, unexpected underdogs, and relentless scorers leaving their mark on the SaaS security playing field.  As we enter 2025, security teams must prioritize SaaS security risk assessments to uncover vulnerabilities, adopt SSPM tools for continuous monitoring, and proactively defend their systems. Here are the Cyber Threat All-Stars to watch out for—the MVPs, rising stars, and master strategists who shaped the game. 1. ShinyHunters: The Most Valuable Player Playstyle: Precision Shots (Cybercriminal Organization) Biggest Wins: Snowflake, Ticketmaster and Authy Notable Drama: Exploited on...
Expert Insights / Articles Videos
Cybersecurity Resources