The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

You got owned, Exposure about privacy on facebook ! If you had any doubts regarding privacy on facebook, here is a list containing hundreds of user and password, how can this be ? Easy, any application that asks for permission can get your credentials! And then do not say that we had not warned :P WikiLeaks founder Julian Assange says Facebook is Spying on You and Your Loved Ones "Here we have the world's most comprehensive database about people, their relationships, their names, their addresses, their locations and the communications with each other, their relatives, all sitting within the United States, all accessible to U.S. intelligence." Read More News Regarding Facebook on THN : Assange says Facebook is spying tool for US intelligence ! A Syrian Man-In-The-Middle Attack against Facebook Facebook is not Exclusion, XML Vulnerability ! Truth About Facebook -  CIA, U.S. government - Everything Related ! Vulnerability in Facebook Email feature Exposed ! Face...

Linux kernel 2.6.38.6 ( stable) has been released ! The latest -Stable kernel has been raised again after Greg released a new version : 2.6.38.6. This is a maintenance update, so no new feature are included, only bug fixes and minor changes. Even though Greg urges users to upgrade to this version, it's wiser to look at the  ChangeLog  to decide whether you really need to upgrade to this version or not. Personally, i don't really see any important updates in this release, so if you have no problem with your current kernel (2.6.38.x series), you can stay with it until 2.6.39 comes up in probably a week or two. Download :  https://www.kernel.org/

India's Rajasthan State Co-operative Marketing Federation Ltd (https://rajfed.gov.in/) has been infected with a malicious script tag. This government site promotes the objectives of procuring agricultural produce from farmers through the member societies on support prices declared by the Govt. of India. Here is the home page of this site: The malicious script has been injected at the bottom of this page. Here is the screenshot of source page, Below, you can see a decoded version of the script using Malzilla. ( https://malzilla.sourceforge.net/ ) The decoded script tag leads to JavaScript from " hxxp://cs.cskick.cn/cs/sc.js ". Currently, this malicious site is down. A quick Google search for this domain shows that it has been involved with malicious activity in the past. Trend Micro has issued a report for a separate threat hosted at that same domain. Submitted by :  Umesh

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

Sony 3rd massive leak - 100 million user's personal info hacked in Japan ! Personal information on a total of 100 million people has possibly been hacked and leaked from online game and other Internet services provided by the Sony Group worldwide, sparking fears that it could develop into the worst information leakage case ever. Sony has been under fire for being slow to announce the incident. It is essential for the electronics and entertainment giant to clarify the whole picture of the damage as quickly as possible and gather itself together to follow up the case in order to recover consumers' confidence. According to the revelation, personal information including the names, IDs and passwords of about 77 million people in some 60 countries -- mainly in North America -- was hacked and leaked from Sony's Internet services that provide game software for PlayStation 3 and other game consoles and distribute movies and music for TV viewers. Furthermore, private inform...

SkidHacker.com , Underground-Hacking.Net & IndoCoder.or.id Hacked by Shadow008 (PakCyberArmy) Sites Hacked: Forum: https://www.indocoder.or.id/community/ Blog: https://www.indocoder.or.id/journal/ Mirror: Forum: https://www.k0-ka.in/attack/?id=1498 Blog: https://zone-h.com/mirror/id/13632754 ___________________________________________________ Sites Hacked: https://underground-hacking.net/ Mirror: https://zone-h.com/mirror/id/13667406 ___________________________________________________ Sites Hacked: https://www.skidhacker.com/ Mirror: https://zone-h.com/mirror/id/13668102

Cbseguess.com   4243  users data compromised ! https://cbseguess.com/ Hacked By Indian Hacker 'Akash Jain', and almost 4243 users data Compromised .

Samsung Data Management Server with Sql Injection Login Bypass vulnerability Here we have one more example of human stupidity. Samsung Data Management Server with Sql Injection Login Bypass vulnerability . Anyone can easy hack into admin panel of server... here a screen shot of admin panel : Sorry ! We can't Disclose the location/URL of Panel just because of security reasons. But Samsung should fix this as soon as possible !

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox ! Researchers at the French security firm VUPEN say that they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP and run arbitrary code on a vulnerable machine. The company said that they are not going to disclose the details of the bugs right now, but that they have shared information on them with some of their government customers through its customer program. The vulnerabilities are present in the latest version of Chrome running on Windows 7, VUPEN said. VUPEN published a video (  https://www.vupen.com/demos / ) that demonstrates an attack that exploits the Chrome vulnerabilities, although there is no further clues about the bugs themselves. "The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it...

Patch for Metasploit that will enhance db_autopwn such that you will be able to Hack almost ANYTHING ! There is a small patch released , that will make your db_autopwn fully loaded and powerful . With which you will be able to hack almost anything... Lets have a look : Index: lib/msf/ui/console/command_dispatcher/db.rb =================================================================== --- lib/msf/ui/console/command_dispatcher/db.rb (revision 12572) +++ lib/msf/ui/console/command_dispatcher/db.rb (working copy) @@ -775,6 +775,9 @@ def cmd_db_autopwn(*args) return unless active? + puts 'https://www.pentest-standard.org/index.php/PTES_Technical_Guidelines' + return + stamp = Time.now.to_f vcnt = 0 rcnt = 0

Ethical Hacking Services - Appin Security hacked By 133t Indian h4x0rs ! Hacked Site 1. :  https://appinlabs.com Mirror 1. :  https://legend-h.org/mirror/157460/appinlabs.com Hacked Site 2. :  https://blog.appinonline.com Mirror 2. :  https://legend-h.org/mirror/158222/blog.appinonline.com

Scammers looking to flog cheap software have hacked Web pages on high-profile websites, including those belonging to NASA and Stanford University. NASA, just a week away from its penultimate space shuttle launch, has now removed dozens of Web pages that popped up on its Jet Propulsion Laboratory website. They were used to flog low-cost versions of Adobe's Creative Suite and other products, according to cached versions of the pages, still viewable on Google. The scammers loaded up the Web pages with nonsense text (a sample: "Edit buy adobe premiere pro cs4 some callouts and balloons to make this time it took you and saved you a long time") and links to many other hacked pages. Affected sites included those for NASA, Stanford University, Syracuse University and Northeastern University. NASA had cleaned up its site Monday, but others, including Stanford, had not. Visitors to those sites could encounter the hacked pages even if they weren't looking for cheap softwar...

Hackers release usernames, passwords of several FOX.com affiliate employees ! Hackers Post complete Usernames/Password of Fox.com users at : https://pastebin.com/zDMHmmAr