#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Reddit | Breaking Cybersecurity News | The Hacker News

Reddit Suffers Security Breach Exposing Internal Documents and Source Code

Reddit Suffers Security Breach Exposing Internal Documents and Source Code

Feb 10, 2023 Data Breach / Source Code
Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on a "sophisticated and highly-targeted phishing attack" that took place on February 5, 2023, aimed at its employees. The attack entailed sending out "plausible-sounding prompts" that redirected to a website masquerading as Reddit's intranet portal in an attempt to steal credentials and two-factor authentication (2FA) tokens. A single employee's credentials is said to have been phished in this manner, enabling the threat actor to access Reddit's internal systems. The affected employee self-reported the hack, it further added. The company, however, stressed that there is no evidence to suggest that its production systems were breached or that users' non-public data had been compromise
Reddit Hacked – Emails, Passwords, Private Messages Stolen

Reddit Hacked – Emails, Passwords, Private Messages Stolen

Aug 02, 2018
Another day, another significant data breach. This time the victim is Reddit... seems someone is really pissed off with Reddit's account ban policy or bias moderators. Reddit social media network today announced that it suffered a security breach in June that exposed some of its users' data, including their current email addresses and an old 2007 database backup containing usernames and hashed passwords. According to Reddit, the unknown hacker(s) managed to gain read-only access to some of its systems that contained its users' backup data, source code, internal logs, and other files. In a post published to the platform Wednesday, Reddit Chief Technology Officer Christopher Slowe admitted that the hack was a serious one, but assured its users that the hackers did not gain access to Reddit systems. "[The attackers] were not able to alter Reddit information, and we have taken steps since the event to further lock down and rotate all production secrets and API k
RIP Aaron Swartz, A legendary Internet Activist

RIP Aaron Swartz, A legendary Internet Activist

Jan 13, 2013
Aaron Swartz has committed suicide on January 11, 2013 in New York City.  I have long been fought if you write something about this extraordinary boy, but not dedicate a tribute would be a shame. Aaron Swartz has decided to leave a huge void in the IT scenario.  For me, as the entire world he is a legend, a guy that has profoundly changed our daily work. Aaron Swartz is an eclectic persona; he is an hacker and active activist, co-founder of social news website Reddit and founder of the group Demand Progress. The EFF in a blog post states: " Aaron did more than almost anyone to make the Internet a thriving ecosystem for open knowledge, and to keep it that way. His contributions were numerous, and some of them were indispensable. When we asked him in late 2010 for help in stopping COICA, the predecessor to the SOPA and PIPA Internet blacklist bills, he founded an organization called Demand Progress, which mobilized over a million online activists and proved to be an inval
cyber security

Protecting Your Organization From Insider Threats - All You Need to Know

websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.
New Guide: How to Scale Your vCISO Services Profitably

New Guide: How to Scale Your vCISO Services Profitably

May 09, 2024vCISO / Regulatory Compliance
Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A  v CISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line. MSPs and MSSPs that expand their offerings and provide vCISO services will cater to SME requirements and concerns. By answering this market gap, they can grow their customer base as well as upsell to existing clients. This will lead to recurring revenue and increased profitability. Developing and scaling vCISO services requires a well-thought-out plan. This will help guide you through the required processes, anticipate and overcome challenges and optimize resource use. To aid you, we introduce a comprehensive and actionable  guide: "How to Scale Your vCISO Services Profitably" . The guide was developed based on the experience of industry leader  Cynom i, who has helped hun
Developer expelled by Google Play Store on posting Malicious Android apps

Developer expelled by Google Play Store on posting Malicious Android apps

Jan 01, 2013
Google Play Developer Console enables developers to easily publish and distribute their applications directly to users of Android-compatible phones. Recently someone posted on Reddit that a developer is trying to spread malware by masquerading infected programs as legitimate software. The account of the developer called, " apkdeveloper " and readers spotted that they are posting fake malware apps by names of famous android games and apps, using the word "Super" as suffix to them, making them seem as an upgraded version of the game. The users can find the difference between the real app and malicious app by observing the device permissions, like as compared to the simple permissions like network access and read write access of the original Temple Run app, the ' Temple Run Super ' app asks for sensitive information like location, phone status, identity and access to user accounts. After many report abuse Google Play has removed the developer from the store p
Cybersecurity
Expert Insights
Cybersecurity Resources