The Hacker News Logo
Click to Subscribe

The Hacker News - Cybersecurity News and Analysis: php security

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

November 03, 2019Swati Khandelwal
If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we hav...
New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

October 26, 2019Mohit Kumar
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a new...
Multiple Code Execution Flaws Found In PHP Programming Language

Multiple Code Execution Flaws Found In PHP Programming Language

September 06, 2019Wang Wei
Maintainers of the PHP programming language recently released the latest versions of PHP to patch multiple high-severity vulnerabilities ...
Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress

April 23, 2019Swati Khandelwal
Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take...
Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

April 17, 2019Swati Khandelwal
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical&qu...
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!

phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!

December 11, 2018Mohit Kumar
Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8...
Symfony Flaw Leaves Drupal Sites Vulnerable to Hackers—Patch Now

Symfony Flaw Leaves Drupal Sites Vulnerable to Hackers—Patch Now

August 03, 2018Mohit Kumar
It's time to update your Drupal websites. Drupal, the popular open-source content management system, has released a new version of i...
3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

December 29, 2016Swati Khandelwal
Three critical zero-day vulnerabilities have been discovered in PHP 7 that could allow an attacker to take complete control over 80 perce...
Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

December 26, 2016Mohit Kumar
A critical vulnerability has been discovered in PHPMailer , which is one of the most popular open source PHP libraries to send emails use...
PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website

PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website

July 25, 2016Wang Wei
Cyber attacks get bigger, smarter, more damaging. P*rnHub launched its bug bounty program two months ago to encourage hackers and bug...
These Top 10 Programming Languages Have Most Vulnerable Apps on the Internet

These Top 10 Programming Languages Have Most Vulnerable Apps on the Internet

December 04, 2015Swati Khandelwal
A new research showed that Scripting languages, in general, give birth to more security vulnerabilities in web applications, which raise...
Vulnerability in WPTouch WordPress Plugin Allows Hackers to Upload PHP backdoors

Vulnerability in WPTouch WordPress Plugin Allows Hackers to Upload PHP backdoors

July 15, 2014Mohit Kumar
If you own a mobile version for your Wordpress website using the popular WPtouch plugin, then you may expose to a critical vulnerability...
Disqus Wordpress Plugin Flaw Leaves Millions of Blogs Vulnerable to Hackers

Disqus Wordpress Plugin Flaw Leaves Millions of Blogs Vulnerable to Hackers

June 30, 2014Swati Khandelwal
A Remote code execution (RCE) vulnerability has been discovered in the comment and discussion service, Disqus plugin for the most popul...
Securing Passwords with Bcrypt Hashing Function

Securing Passwords with Bcrypt Hashing Function

April 10, 2014Anonymous
Passwords are the first line of defense against cyber criminals. It is the most vital secret of every activity we do over the internet ...
MediaWiki Remote Code Execution vulnerability leaves Wikipedia open for Cyber attacks

MediaWiki Remote Code Execution vulnerability leaves Wikipedia open for Cyber attacks

January 30, 2014Anonymous
The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of a critical flaw in the MediaWiki softwa...
Yahoo fixes Critical Remote Command Execution vulnerability

Yahoo fixes Critical Remote Command Execution vulnerability

January 26, 2014Mohit Kumar
Cyber Security Expert and Penetration tester, Ebrahim Hegazy has found a serious vulnerability in Yahoo's website that allows an a...
Hacker demonstrated 'Remote Code Execution' vulnerability on EBay website

Hacker demonstrated 'Remote Code Execution' vulnerability on EBay website

December 13, 2013Mohit Kumar
A German Security researcher has demonstrated a critical  vulnerability on Ebay website, world's biggest eStore. According to David Vi...
Critical vulnerability in Twitter allows attacker to upload Unrestricted Files

Critical vulnerability in Twitter allows attacker to upload Unrestricted Files

October 30, 2013Anonymous
Security expert Ebrahim Hegazy , Cyber Security Analyst Consultant at Q-CERT, has found a serious vulnerability in Twitter that allows a...
Google detected Malware on PHP.net website; Flagged as 'Suspicious' site

Google detected Malware on PHP.net website; Flagged as 'Suspicious' site

October 24, 2013Mohit Kumar
If you are today trying to visit the php.net website, an official website of the PHP scripting language, you will likely see the above s...
OpenX Advertising Network hacked and backdoor Injected

OpenX Advertising Network hacked and backdoor Injected

August 07, 2013Mohit Kumar
OpenX, a leading provider of digital and mobile advertising technology has accordingly served backdoors that are injected into the Code...
Exclusive Deals

Stay Informed — Newsletter Sign Up

Sign up for THN newsletter and get our latest stories delivered straight to your inbox.