The Hacker News Logo
Subscribe to Newsletter

The Hacker News – Most Popular Cyber Security, Hacking News Site: Web Application Security

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

October 17, 2018Swati Khandelwal
Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to st...
Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

May 17, 2017Mohit Kumar
If your website is based on the popular Joomla content management system, make sure you have updated your platform to the latest version ...
New Apache Struts Zero-Day Vulnerability Being Exploited in the Wild

New Apache Struts Zero-Day Vulnerability Being Exploited in the Wild

March 09, 2017Swati Khandelwal
Security researchers have discovered a Zero-Day vulnerability in the popular Apache Struts web application framework, which is being acti...
Yahoo Hacked Once Again! Quietly Warns Affected Users About New Attack

Yahoo Hacked Once Again! Quietly Warns Affected Users About New Attack

February 15, 2017Mohit Kumar
Has Yahoo rebuilt your trust again? If yes, then you need to think once again, as the company is warning its users of another hack. L...
Update — Hacker Claims to Have Hacked the FBI, But It Wasn't

Update — Hacker Claims to Have Hacked the FBI, But It Wasn't

January 05, 2017Mohit Kumar
Update: A hacker yesterday claimed to have hacked the FBI's website running on Plone CMS, but it seems it wasn't hacked using an...
Someone Hijacking Unsecured MongoDB Databases for Ransom

Someone Hijacking Unsecured MongoDB Databases for Ransom

January 03, 2017Swati Khandelwal
Nearly two years back, we warned users about publicly accessible MongoDB instances – almost 600 Terabytes (TB) – over the Internet which...
3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

December 28, 2016Swati Khandelwal
Three critical zero-day vulnerabilities have been discovered in PHP 7 that could allow an attacker to take complete control over 80 perce...
Multiple Critical Remotely Exploitable Flaws Discovered in Memcached Caching System

Multiple Critical Remotely Exploitable Flaws Discovered in Memcached Caching System

November 01, 2016Swati Khandelwal
Hey Webmasters, are you using Memcached to boost the performance of your website? Beware! It might be vulnerable to remote hackers. T...
Researcher finds a way to Delete and Modify Facebook Messages Sent to Other Users

Researcher finds a way to Delete and Modify Facebook Messages Sent to Other Users

June 07, 2016Swati Khandelwal
Sometimes I receive emails from our readers who wanted to know how to hack Facebook account , but just to delete some of their messages t...
Joomla 3.4.5 patches Critical SQL Injection Vulnerability

Joomla 3.4.5 patches Critical SQL Injection Vulnerability

October 22, 2015Khyati Jain
Joomla – one of the most popular open source Content Management System (CMS) software packages, has reportedly patched three critical v...
WordPress Analytics Plugin Leaves 1.3 Million Sites Vulnerable to Hackers

WordPress Analytics Plugin Leaves 1.3 Million Sites Vulnerable to Hackers

February 25, 2015Mohit Kumar
A critical vulnerability has been discovered in one of the most popular plugins of the the WordPress content management platform that pu...
Google releases Cloud-based Web App Vulnerability Scanner and Assessment Tool

Google releases Cloud-based Web App Vulnerability Scanner and Assessment Tool

February 20, 2015Wang Wei
Google on Thursday unleashed its own free web application vulnerability scanner tool, which the search engine giant calls Google Cloud S...
Website Backdoor Scripts Leverage the Pastebin Service

Website Backdoor Scripts Leverage the Pastebin Service

January 07, 2015Mohit Kumar
The popular copy and paste website ' Pastebin ' created a decade ago for software developers and even by hackers groups to share...
Google App Engine — More than 30 Vulnerabilities Discovered

Google App Engine — More than 30 Vulnerabilities Discovered

December 07, 2014Swati Khandelwal
Security researchers have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine (GAE) that en...
AliExpress WebSite Vulnerability Exposes Millions of Users' Private Information

AliExpress WebSite Vulnerability Exposes Millions of Users' Private Information

December 07, 2014Wang Wei
A critical, but easily exploitable personal information disclosure vulnerability has been discovered in the widely popular online market...
Yahoo Quickly Fixes SQL Injection Vulnerability Escalated to Remote Code Execution

Yahoo Quickly Fixes SQL Injection Vulnerability Escalated to Remote Code Execution

September 19, 2014Swati Khandelwal
Yahoo! was recently impacted by a critical web application vulnerabilities which left website's database and server vulnerable to ha...
Avira Vulnerability Puts Users' Online Backup Data At Risk

Avira Vulnerability Puts Users' Online Backup Data At Risk

September 19, 2014Wang Wei
A popular Anti-virus software Avira that provides free security software to its customers with Secure Backup service is vulnerable to a...
How to Detect SQL Injection Attacks

How to Detect SQL Injection Attacks

September 19, 2014Swati Khandelwal
SQL Injection (SQLi) attacks have been around for over a decade. You might wonder why they are still so prevalent. The main reason is t...
 Hacking Fiverr.com Accounts — Vulnerability Puts $50 Million Company At Risk

Hacking Fiverr.com Accounts — Vulnerability Puts $50 Million Company At Risk

August 16, 2014Swati Khandelwal
Fiverr.com, a global online marketplace which provides a platform for people to sell their services for five dollars per job, is vulnera...
Flickr Cross-Site Request Forgery Vulnerability Patched

Flickr Cross-Site Request Forgery Vulnerability Patched

August 06, 2014Wang Wei
Yahoo-owned Flickr, one of the biggest online photo management and sharing website in the world was recently impacted by a web application v...
Best Deals

Get Daily News Updates By Email

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.