The Hacker News Logo
Subscribe to Newsletter

The Hacker News – Most Popular Cyber Security, Hacking News Site: website security

From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

July 24, 2018Mohit Kumar
Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as 'Not Secure' in its years-...
Nearly 2000 WordPress Websites Infected with a Keylogger

Nearly 2000 WordPress Websites Infected with a Keylogger

January 29, 2018Swati Khandelwal
More than 2,000 WordPress websites have once again been found infected with a piece of crypto-mining malware that not only steals the res...
Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

December 19, 2017Swati Khandelwal
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. ...
Incapsula Updated Review — New Security Options, Improved Delivery and Reliability

Incapsula Updated Review — New Security Options, Improved Delivery and Reliability

September 05, 2017Mohit Kumar
It's been close to five years since we last looked at Incapsula , a security-focused CDN service known for its DDoS mitigation and w...
Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

July 18, 2017Swati Khandelwal
Nothing in this world is fully secure, from our borders to cyberspace. I know vulnerabilities are bad, but the worst part comes in when p...
Google becomes its own Root Certificate Authority

Google becomes its own Root Certificate Authority

January 27, 2017Swati Khandelwal
In an effort to expand its certificate authority capabilities and build the "foundation of a more secure web," Google has final...
Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

December 26, 2016Mohit Kumar
A critical vulnerability has been discovered in PHPMailer , which is one of the most popular open source PHP libraries to send emails use...
OpenSSL Releases Patch For "High" Severity Vulnerability

OpenSSL Releases Patch For "High" Severity Vulnerability

November 10, 2016Mohit Kumar
As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its soft...
Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

August 29, 2016Swati Khandelwal
A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a...
4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers

4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers

August 03, 2016Swati Khandelwal
If you think that the HTTP/2 protocol is more secure than the standard HTTP ( Hypertext Transfer Protocol ), then you might be wrong, as...
Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

July 13, 2016Swati Khandelwal
The extraordinary ' Panama Papers leak ' from Law firm Mossack Fonseca that exposed the tax-avoiding efforts by the world's r...
Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000

Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000

May 11, 2016Swati Khandelwal
With the growing number of cyber attacks and data breaches, a significant number of companies and organizations have started Bug Bounty P...
High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic

High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic

May 04, 2016Mohit Kumar
OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers ...
Google makes it mandatory for Chrome Apps to tell Users what Data they collect

Google makes it mandatory for Chrome Apps to tell Users what Data they collect

April 19, 2016Mohit Kumar
In Brief Chrome apps and extensions make things easier, but they can also do terrible things like spy on web users and collect their p...
More than 1 Million Websites Install Free SSL Certificate (and Counting...)

More than 1 Million Websites Install Free SSL Certificate (and Counting...)

March 08, 2016Swati Khandelwal
Let's Encrypt has achieved another big milestone by issuing 1 million free Transport Layer Security (TLS) SSL Certificates to webma...
Critical Flaws in Magento leave Millions of E-Commerce Sites at Risk

Critical Flaws in Magento leave Millions of E-Commerce Sites at Risk

January 26, 2016Swati Khandelwal
If you are using Magento to run your e-commerce website, it's time for you to update the CMS ( content management system ) now. ...
How to Install Let's Encrypt Free SSL Certificate On Your Website

How to Install Let's Encrypt Free SSL Certificate On Your Website

December 03, 2015Swati Khandelwal
Another Big Milestone – Let's Encrypt is now offering Free HTTPS certificates to everyone. Let's Encrypt has opened to the ...
Linux Ransomware targeting Servers and Threatening Webmasters to Pay

Linux Ransomware targeting Servers and Threatening Webmasters to Pay

November 09, 2015Swati Khandelwal
Since past few years, Ransomware has emerged as one of the catastrophic malware programs that lets hacker encrypts all the contents of a...
When a 'Hacker News' Reader Tricked Me into visiting this Amazing Site (Don't Click at Work)

When a 'Hacker News' Reader Tricked Me into visiting this Amazing Site (Don't Click at Work)

September 19, 2015Swati Khandelwal
My usual bed routine is to check comments under my articles before I go to sleep. The same I was doing last night, but something weird h...
Best Deals

Get Daily News Updates By Email

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.