The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

3 university websites database exploited by FR0664/FCA sci.nu.ac.th - Faculty Of Science - Naresuan University Thaïland https://pastebin.com/Yv8iuUPY frsr.utn.edu.ar - Universidad Tecnológica Nacional - Facultad Regional Santa Fe https://pastebin.com/pXLQYmMH eswap.ca - Where You Swap To Gain https://pastebin.com/RvNLzHYq

Yahoo! PH Purple Hunt 2.0 Ad Compromised ! Earlier the other day, I was browsing through the Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention. Curious as I am, I clicked on the ad and surprisingly my browser downloaded a suspicious file named com.com. Apparently this ad redirected me to a randomly generated URL similar to the following which, unfortunately, led to the malicious download: hxxp://want6.{BLOCKED}.com/se/3da19bea8f9c03e96c9b1acad9cce5a88a2244f0a34d69 c09b8d3198b2797726789be0228c0df3c762ed088a2327b07f4a183fa6fa753b0acfd7f0afc2d2b 13b801ba978269fcda413f53e/960b0a2a/com.com hxxp://nose8.{BLOCKED}.com/se/3da19bea8f9c03e96c9b1acad9cce5a88a2244f0a34d69c 09b8d3198b2797726789be0228c0df3c762ed088a2327b07f4a183fa6fa753b0acfd7f0afc2d2b 13b801ba978269fcda413f53e/960b0a2a/com.com hxxp://letter6.{BLOCKED}.com/se/3da19bea8f9c03e96c9b1acad9cce5a88a2244f0a34d69c0 9b8d3198b2797726789be0228c0f3c762ed088a2327b07f4a183fa6fa753b0acfd7f0afc2d2b13 b801ba978269...

India's Railway Email System hacked by Pakistan Cyber Army ! The Indian Railway Email System is Hacked by Pakistan Cyber Army (pca), They have taken complete backup of all important mails and user-pass of all email id's . Have a look to the images below as HACK PROOF and thier statement on this Hack attack. Statement By Pakistan Cyber Army : Dear All, Answer to Indian hackers for hacking the server of Pakistan Air Force We are Pakistan Cyber Army (Real PCA is Reality). Many times we told Indian hackers out there from various groups that don't mess with any Pakistani site or server especially systems from government organizations. We observe another attack on 22nd April 2011 at Pakistan Air Force Server backup server and other 8 machines on the same network. We would like to tell you that Pakistan Cyber Army is looking at each and every move you do on the cyber front of Pakistan. Indian hackers were unable to do anything accept taking screenshot of the serv...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

Pangolin v3.2.3 Released, Download Now ! "Pangolin is a penetration testing, SQL Injection test tool on database security. It finds SQL Injection vulnerabitlities.Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user"s specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more." This is the updated change log: Speed up in fast mode when MySQL database later than 4.x. Speed up when dump Microsoft SQL Server 2005/2008 database. Enhance the injection ability of Informix database. Add feature to manual keywords selection. Fix the bug dump data incomplete in byte-by-byte mode. Enhance the ability in...

Albanian Ministry of Justice Exploited by ATH-Cr3w ATH-Cr3w Hack into Albanian Ministry of Justice's Website and Extract Database + Do Admin access. They Upload data here :  https://pastebin.com/y4nDWBVt

The Social-Engineer Toolkit v1.3.5 Released ! "The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed." This is the official change log: Fixed a bug where create payload and listener wouldn't work for the new SET interactive shell or RATTE Updated the SET User Manual for version 1.3.5 Fixed the core.log(error) core library to properly log potential errors within SET Updated the SET interactive listener to hold over nearly unlimited connections versus the 30 it was initially limited to Turned the Java Repeater off by default, still a bit buggy, feel free to turn on if you want it Added an automatic selection for the Sun Java Applet2ClassLoader Remote Code Execution to select java meterpreter since it is specific to the java meterpret...

Infondlinux - Security tools install script for Ubuntu ! infondlinux is a post configuration script for Ubuntu Linux. It installs useful security tools and firefox addons. Tools installed by script are listed at the beginning of source code. # download: $ wget https://infondlinux.googlecode.com/svn/trunk/infondlinux.sh # install: $ sudo infondlinux.sh Pakages : # debian packages # - imagemagick # - vim # - less # - gimp # - build-essential # - wipe # - xchat # - pidgin # - vlc # - nautilus-open-terminal # - nmap # - zenmap # - sun-java6-plugin et jre et jdk # - bluefish # - flash-plugin-nonfree # - aircrack-ng # - wireshark # - ruby # - ascii # - webhttrack # - socat # - nasm # - w3af # - subversion # - wireshark # - mercurial # - libopenssl-ruby # - ruby-gnome2 # - traceroute # - filezilla # - gnupg # - rubygems # - php5 # - libapache2-mod-php5 # - mysql-server # - php5-mysql # - phpmyadmin # - extract # - p0f # - spikeproxy # - ettercap # - dsniff : # * arpsp...

Mandriva 2011 Beta 2 is Available for Testing ! Mandriva 2011 beta 2 was supposed to be released a week ago, but the release schedule was delayed by last minute defects discovered by the development and testing teams. In order to get hold of beta 2, you can visit your favorite Mandriva mirror and check devel/iso/2011. Beta testers are fortunate enough to lay their hands on new login manager functionalities, a new launcher and welcome application, overall look and feel enhancements, new panel, LibreOffice 3.3.0, and new artwork with a default theme. That is what you all see on the surface. At the core, the release is equipped with the latest kernel 2.6.38.3, gcc 4.6.0, systemd 24, and many more system and application packages. Mandriva beta 2 is available for both 32 bit and 64 bit Intel architectures, in the form of Live CDs, which can be installed in the system on demand. Download: Mandriva.2011-beta2.i586.iso (1,492MB) Mandriva.2011-beta2.x86_64.iso (1,520MB)

CMR Collage  Bangalore Website Hacked by  lionaneesh Hack Proof: Hacked site :  https://www.cmredu.com

PlayStation Network Hacked, Information leaked ! Update :  [THN] The Hacker News Exclusive Report on Sony 3rd Attack Issue ! While the PlayStation Network is down, a lot of gamers are curious as to what have been the reasons to this outrageous downtime. Today, Media Molecule said that the PSN is once again, hacked. According to the post that Media Molecule posted today, the PSN is hacked and it warned users not to enter any personal information including credit card, etc until the PSN website says it's okay. Here's what Media Molecule posted: The PSN is still down because of a hack and will remain out of service for another while yet (worst-case scenario would be 1 or 2 more days). DO NOT enter ANY personal information (credit card information etc.) until the PSN website says its OK. Even once the PSN website says it's OK, please wait at least 2 hours to make sure it's a legitimate announcement. But for the moment, you should be patient and don't worry about it. As wha...

10 Site Hacked by Mr.D4NG3R Hacked sites list + Mirrors :   https://pastebin.com/dCApyUDa

Facebook hacker posts stolen pics on porn site ! A 26-year-old man faces 13 felony charges after being accused of hacking into Facebook accounts, stealing photos of young women and posting them on porn sites, reports the Kansas City Star. Along with content belonging to the 13 young women (ages 17 to 25), Timothy P. Noirjean is accused of victimizing, investigators found 92 folders on his computer containing names or photos of women, as well as 235 email addresses with security information. Noirjean confessed to accessing more than 100 Facebook accounts, and told police he was unaware that it's a crime. The shocking thing here isn't that there are predators on the Internet, that Noirjean claims ignorance of the law, that police arrested Noirjean in his parents' basement (which, according to the report, they totally did) or that young ladies of today have porn-worthy photos of themselves in unencrypted files on their computers. It's that Noirjean carried out his crime...