The Hacker News — Latest Cyber Security News: Web Application Security

Joomla 3.4.5 patches Critical SQL Injection Vulnerability

October 23, 2015 | Khyati Jain
Joomla, one of the most popular open source Content Management System (CMS) software packages, has reportedly patched three critical v...
WordPress Analytics Plugin Leaves 1.3 Million Sites Vulnerable to Hackers

February 25, 2015 | Mohit Kumar
A critical vulnerability has been discovered in one of the most popular plugins of the WordPress content management platform that pu...
Google releases Cloud-based Web App Vulnerability Scanner and Assessment Tool

February 20, 2015 | Wang Wei
Google on Thursday unleashed its own free web application vulnerability scanner tool, which the search engine giant calls Google Cloud S...
Website Backdoor Scripts Leverage the Pastebin Service

January 08, 2015 | Mohit Kumar
The popular copy and paste website 'Pastebin' created a decade ago for software developers and even by hacker groups to share...
Google App Engine — More than 30 Vulnerabilities Discovered

December 08, 2014 | Swati Khandelwal
Security researchers have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine (GAE) that en...
AliExpress WebSite Vulnerability Exposes Millions of Users' Private Information

December 08, 2014 | Wang Wei
A critical, but easily exploitable personal information disclosure vulnerability has been discovered in the widely popular online market...
Yahoo Quickly Fixes SQL Injection Vulnerability Escalated to Remote Code Execution

September 20, 2014 | Swati Khandelwal
Yahoo! was recently impacted by a critical web application vulnerability which left the website's database and server vulnerable to ha...
Avira Vulnerability Puts Users' Online Backup Data At Risk

September 20, 2014 | Wang Wei
A popular Anti-virus software Avira that provides free security software to its customers with Secure Backup service is vulnerable to a...
How to Detect SQL Injection Attacks

September 19, 2014 | Swati Khandelwal
SQL Injection (SQLi) attacks have been around for over a decade. You might wonder why they are still so prevalent. The main reason is t...
Hacking Fiverr.com Accounts — Vulnerability Puts $50 Million Company At Risk

August 16, 2014 | Swati Khandelwal
Fiverr.com, a global online marketplace which provides a platform for people to sell their services for five dollars per job, is vulnera...
Flickr Cross-Site Request Forgery Vulnerability Patched

August 06, 2014 | Wang Wei
Yahoo-owned Flickr, one of the biggest online photo management and sharing websites in the world, was recently impacted by a web application v...
Jobvite Recruitment Service Website Vulnerable to Hackers

August 04, 2014 | Swati Khandelwal
Jobvite, a recruiting platform for the social web, is found vulnerable to the most common, but critical web application vulnerabilities...
MediaWiki Remote Code Execution vulnerability leaves Wikipedia open for Cyber attacks

January 30, 2014 | Anonymous
The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of a critical flaw in the MediaWiki softwa...
Yahoo fixes Critical Remote Command Execution vulnerability

January 26, 2014 | Mohit Kumar
Cyber Security Expert and Penetration tester, Ebrahim Hegazy has found a serious vulnerability in Yahoo's website that allows an a...
Hacker demonstrated 'Remote Code Execution' vulnerability on EBay website

December 13, 2013 | Mohit Kumar
A German security researcher has demonstrated a critical vulnerability on the eBay website, the world's biggest eStore. According to David Vi...
Thousands of websites based on Ruby on Rails vulnerable to Cookie Handling flaw

November 29, 2013 | Anonymous
Ruby on Rails contains a flaw in its design that may allow attackers to more easily access applications. Websites that rely on Ruby on Rails...
Hacker stole $100,000 from Users of California based ISP using SQL Injection

October 22, 2013 | Mohit Kumar
In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies usin...
Web Application Security: PHP SuperGlobal Variables are vulnerable to Hackers

September 09, 2013 | Mohit Kumar
Hackers are focusing on vulnerabilities in the PHP web application development platform, threatening 80% of websites in the world, including...
Microsoft's Social network Yammer vulnerable to OAuth Bypass hack

August 04, 2013 | Mohit Kumar
Yammer is the Enterprise Social Network service that was launched in 2008 and sold to Microsoft in 2012. Yammer is a secure, priva...