The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: website security

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

April 17, 2019Swati Khandelwal
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical&qu...
Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet

Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet

April 17, 2019Mohit Kumar
An unprotected database belonging to JustDial , India's largest local search service, is leaking personally identifiable information ...
Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

March 29, 2019Swati Khandelwal
If your online e-commerce business is running over the Magento platform, you must pay attention to this information. Magento yesterday...
New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

March 20, 2019Mohit Kumar
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers ...
New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

March 14, 2019Swati Khandelwal
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recom...
F5 Networks Acquires NGINX For $670 Million

F5 Networks Acquires NGINX For $670 Million

March 12, 2019Wang Wei
One of the most important software companies NGINX , which is also behind the very popular open-source web server of the same name, is b...
Hackers Actively Exploiting Latest Drupal RCE Flaw Published Last Week

Hackers Actively Exploiting Latest Drupal RCE Flaw Published Last Week

February 26, 2019Swati Khandelwal
Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on...
DHS Orders U.S. Federal Agencies to Audit DNS Security for Their Domains

DHS Orders U.S. Federal Agencies to Audit DNS Security for Their Domains

January 23, 2019Swati Khandelwal
The U.S. Department of Homeland Security (DHS) has today issued an "emergency directive" to all federal agencies ordering IT st...
From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

July 24, 2018Mohit Kumar
Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as 'Not Secure' in its years-...
Nearly 2000 WordPress Websites Infected with a Keylogger

Nearly 2000 WordPress Websites Infected with a Keylogger

January 29, 2018Swati Khandelwal
More than 2,000 WordPress websites have once again been found infected with a piece of crypto-mining malware that not only steals the res...
Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

December 20, 2017Swati Khandelwal
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. ...
Incapsula Updated Review — New Security Options, Improved Delivery and Reliability

Incapsula Updated Review — New Security Options, Improved Delivery and Reliability

September 06, 2017Unknown
It's been close to five years since we last looked at Incapsula , a security-focused CDN service known for its DDoS mitigation and w...
Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

July 18, 2017Swati Khandelwal
Nothing in this world is fully secure, from our borders to cyberspace. I know vulnerabilities are bad, but the worst part comes in when p...
Google becomes its own Root Certificate Authority

Google becomes its own Root Certificate Authority

January 28, 2017Swati Khandelwal
In an effort to expand its certificate authority capabilities and build the "foundation of a more secure web," Google has final...
Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

December 26, 2016Mohit Kumar
A critical vulnerability has been discovered in PHPMailer , which is one of the most popular open source PHP libraries to send emails use...
OpenSSL Releases Patch For "High" Severity Vulnerability

OpenSSL Releases Patch For "High" Severity Vulnerability

November 10, 2016Mohit Kumar
As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its soft...
Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

August 29, 2016Swati Khandelwal
A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a...
4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers

4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers

August 03, 2016Swati Khandelwal
If you think that the HTTP/2 protocol is more secure than the standard HTTP ( Hypertext Transfer Protocol ), then you might be wrong, as...
Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

July 13, 2016Swati Khandelwal
The extraordinary ' Panama Papers leak ' from Law firm Mossack Fonseca that exposed the tax-avoiding efforts by the world's r...
Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000

Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000

May 11, 2016Swati Khandelwal
With the growing number of cyber attacks and data breaches, a significant number of companies and organizations have started Bug Bounty P...
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.