Shodan search engine | Breaking Cybersecurity News | The Hacker News

This may sound crazy, but it's true! The war for "most-subscribed Youtube channel" crown between T-Series and PewDiePie just took an interesting turn after a hacker yesterday hijacked more than 50,000 internet-connected printers worldwide to print out flyers asking everyone to subscribe to PewDiePie YouTube channel. PewDiePie, whose real name is Felix Kjellberg, is a famous YouTuber from Sweden known for his game commentary and pranks and has had the most subscribers on YouTube since 2013. However, the channel owned by Bollywood record label T-Series has been catching up in recent months, and now both are hovering around 72.5 million YouTube subscribers. From this fear that PewDiePie won't remain the number one most-subscribed YouTuber in the world, an anonymous hacker (probably his die-hard fan) with the Twitter username " TheHackerGiraffe " came up with a hackish idea. TheHackerGiraffe scanned the Internet to find the list of vulnerable printers...

Rapidly growing, insecure internet-connected devices are becoming albatross around the necks of individuals and organizations with malware authors routinely hacking them to form botnets that can be further used as weapons in DDoS and other cyber attacks. But now finding malicious servers, hosted by attackers, that control botnet of infected machines gets a bit easier. Thanks to Shodan and Recorded Future. Shodan and Recorded Future have teamed up and launched Malware Hunter – a crawler that scans the Internet regularly to identify botnet command and control (C&C) servers for various malware and botnets. Command-and-control servers ( C&C servers ) are centralized machines that control the bots ( computers, smart appliances or smartphones ), typically infected with Remote Access Trojans or data-stealing malware, by sending commands and receiving data. Malware Hunter results have been integrated into Shodan – a search engine designed to gather and list information abo...

It's more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability , but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch. It was one of the biggest flaws in the Internet's history that affected the core security of as many as two-thirds of the world's servers i.e. half a million servers at the time of its discovery in April 2014. However, the critical bug still affects more than 199,500 systems even after 2 years and 9 months have already passed, according to a new report published today on Shodan, a search engine that scans for vulnerable devices. Over 199,500 Systems Still Vulnerable to Heartbleed Heartbleed (CVE-2014-0160) was a serious bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allowed attackers to read portions of the affected server's memory, potentially revealing users data that the server isn't intended to re...

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack surface that many organizations are failing to address. According to GitGuardian's analysis of exposed secrets across public GitHub repositories, an alarming percentage of credentials detected as far back as 2022 remain valid today: "Detecting a leaked secret is just the first step," says GitGuardian's research team. "The true challenge lies in swift remediation." Why Exposed Secrets Remain Valid This persistent validity suggests two troubling possibilities: either organizations are unaware their credentials have been exposed (a security visibility problem),...

Meet an all-new Hacker's Search Engine similar to Shodan – Censys . At the end of last month, security researchers from SEC Consult found that the lazy manufacturers of home routers and Internet of Things (IoT) devices have been re-using the same set of hard-coded cryptographic keys , leaving around 3 millions of IoT devices open to mass hijacking. But how did the researchers get this number? Researchers uncovered these devices with the help of Censys – a new search engine that daily scans the whole Internet for all the vulnerable devices. Censys Maintains Complete Database of Everything on The Internet Censys is similar to hacker's search engine Shodan , which is designed specifically to locate any devices that have been carelessly plugged into the Internet without much attempt at preventing unauthorized access. However, Censys employs a more advanced method to find vulnerabilities in the devices and make the Internet a safer place. Censys is a fre...

Nearly 40,000 organisations running MongoDB , a NoSQL high performance and cross-platform document-oriented database, are found to be unprotected and vulnerable to hackers. Three students from University of Saarland in Germany at the Centre for IT Security – Kai Greshake, Eric Petryka and Jens Heyens – discovered that MongoDB databases running at TCP port 27017 as a service on several thousands of commercial web servers are easily accessible on the Internet. MongoDB is an open-source database used by companies of all sizes, across all industries for a wide variety of applications. MongoDB is built for scalability, performance and high availability, scaling from single server deployments to large, complex multi-site architectures. By leveraging in-memory computing, MongoDB provides high performance for both reads and writes. The German researchers said that they were able to get "read and write access" to the unsecured MongoDB databases without using any sp...

Have you ever used Shodan search engine? A publicly available service crawls the Internet looking for connected devices and list their open ports, services running, system information etc. Shodan search engine is majorly used by Hackers, developers, students and anyone else with a sense of curiosity to find Internet-facing vulnerable systems with open ports and insecure mechanisms for authentication and authorization i.e. Servers, Internet-Connected Cameras, Traffic Lights, And SCADA Systems. According to latest revelation from the whistleblower Edward Snowden , British spy agency GCHQ – counterpart of NSA – apparently uses their own port scanning service to target internet-connected systems in at least 27 countries, in an attempt to potentially exploit them. In top-secret documents published by Heise on Friday, the Port-scan is a part of the "Hacienda" program which scans for open ports on all public-facing servers to find out vulnerable applications running on the...