The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Germany's democracy is in danger, as the upcoming federal elections in the country, where nearly 61.5 million citizens are going to vote on September 24th, could be hijacked. Hackers have disclosed how to hack the German voting software to tamper with votes and alter the outcome of an election. Yes, election hacking is no theory—it is happening. A team of researchers from German hacking group Chaos Computer Club (CCC) has discovered several critical vulnerabilities in PC-Wahl—software used to capture, tabulate and transfer the votes from local polling centres to the state level during all parliamentary elections for decades. According to the CCC analysis, vulnerabilities could lead to multiple practicable attack scenarios that eventually allow malicious agents in the electoral office to change total vote counts. Critical Flaws Found In German Voting-Software The hacker collective found that the automatic software update module of PC-Wahl downloads packages over in...

The notorious hacking group that has been in operation since at least 2011 has re-emerged and is still interested in targeting the United States and European companies in the energy sector. Yes, I am talking about the ' Dragonfly ,' a well-resourced, Eastern European hacking group responsible for sophisticated cyber-espionage campaigns against the critical infrastructure of energy companies in different countries in past years. In 2014, we reported about the Dragonfly groups ability to mount sabotage operations against their targets—mainly petroleum pipeline operators, electricity generation firms and other Industrial Control Systems (ICS) equipment providers for the energy sector. Researchers from cyber security firm Symantec who discovered the previous campaign is now warning of a new campaign, which they dubbed Dragonfly 2.0 , saying "the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so" and has ...

Every week since March Wikileaks has been leaking secrets from the United States Central Intelligence Agency (CIA), which mainly focus on surveillance techniques and hacking tools employed by its agents. However this time, the whistleblower organisation has released something different from its previous Vault 7 leaks , because it's not about hacking and spying; instead, it's a—Missile Control System. Dubbed Project Protego , the PIC-based missile control system is installed on-board a Pratt and Whitney Aircraft (PWA) equipped with missile launch system, which gives it ability to hit air-to-air and air-to-ground targets. The latest leak contains four secret documents in total from the project Protego, along with "37 related documents (proprietary hardware/software manuals from Microchip Technology Inc)," WikiLeaks says. Leaked documents reveal system design, a guide on how to configure and build Protego images, and also suggest that all micro-controller un...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

What if your smartphone starts making calls, sending text messages, and browsing malicious websites on the Internet itself without even asking you? This is no imaginations, as hackers can make this possible using your smartphone's personal assistant like Siri or Google Now. A team of security researchers from China's Zhejiang University have discovered a clever way of activating your voice recognition systems without speaking a word by exploiting a security vulnerability that is apparently common across all major voice assistants. DolphinAttack (Demo): How It Works Dubbed DolphinAttack , the attack technique works by feeding the AI assistants commands in ultrasonic frequencies, which are too high for humans to hear but are perfectly audible to the microphones on your smart devices. With this technique, cyber criminals can "silently" whisper commands into your smartphones to hijack Siri and Alexa, and could force them to open malicious websites and even ...

Nothing is free in this world. If you are searching for free ready-made hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a hoax. Last year, we reported about one such Facebook hacking tool that actually had the capability to hack a Facebook account, but yours and not the one you desire to hack. Now, a Remote Access Trojan (RAT) builder kit that was recently spotted on multiple underground hacking forums for free found containing a backdoored module that aims to provide the kit's authors access to all of the victim's data. Dubbed Cobian RAT , the malware has been in circulation since February of this year and has some similarities with the njRAT and H-Worm family of malware, which has been around since at least 2013. According to ThreatLabZ researchers from Zscaler, who discovered the backdoored nature of the malware kit, the "free malware builder" is likely capable of...

It's been close to five years since we last looked at Incapsula , a security-focused CDN service known for its DDoS mitigation and web application security features. As one would expect, during these five years the company has expanded and improved, introducing lots of new features and even several new products. Most recently, Incapsula underwent an extensive network expansion that includes new PoPs in Asia including two new data centers in New Delhi and Mumbai. This seems like an excellent opportunity to revisit the service and see how it has evolved. Acquisition, Award and Growth Before we jump into Incapsula's service upgrades, we want to mention the changes in the company itself briefly. The most notable of those is Incapsula's 2014 acquisition by Imperva—an authority in web application security and a four-time Gartner Magic Quadrant leader for web application firewalls. The acquisition boosted Incapsula's security capabilities, resulting in its own cloud...

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California Santa Barbara created a special static binary tool called BootStomp that automatically detects security vulnerabilities in bootloaders. Since bootloaders are usually closed source and hard to reverse-engineer, performing analysis on them is difficult, especially because hardware dependencies hinder dynamic analysis. Therefore, the researchers created BootStomp, which "uses a novel combination of static analysis techniques and underconstrained symbolic execution to build a multi-tag taint analysis capable of identifying bootloader vulnerabilities." The tool helped the researchers discover six previously-unknown critical security bugs across bootloaders from HiSilicon (Huawe...

Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for developing web applications in the Java programming language, which supports REST, AJAX, and JSON. The vulnerability (CVE-2017-9805) is a programming blunder that resides in the way Struts processes data from an untrusted source. Specifically, Struts REST plugin fails to handle XML payloads while deserializing them properly. All versions of Apache Struts since 2008 (Struts 2.1.2 - Struts 2.3.33, Struts 2.5 - Struts 2.5.12) are affected, leaving all web applications using the framework's REST plugin vulnerable to remote attackers. According to one of the security researchers at LGTM, who discovered this flaw, the Struts framework is being used by "an incredibly large number and va...

Finally, European companies must inform employees in advance if their work email accounts are being monitored. The European Court of Human Rights (ECHR) on Tuesday gave a landmark judgement concerning privacy in the workplace by overturning an earlier ruling that gave employers the right to spy on workplace communications. The new ruling came in judging the case of Romanian engineer Bogdan Barbulescu, who was fired ten years ago for sending messages to his fianceé and brother using his workplace Yahoo Messenger account. Earlier Romanian courts had rejected Barbulescu's complaint that his employer had violated his right to correspondence—including in January last year when it was ruled that it was not " unreasonable for an employer to want to verify that the employees are completing their professional tasks during working hours. " But now, the European court ruled by an 11-6 majority that Romanian judges failed to protect Barbulescu's right to private life and cor...

Image source: goldenfrog In an effort to continue its crackdown on VPNs, Chinese authorities have arrested a 26-year-old man for selling VPN software on the Internet. China's Supreme Court has sentenced Deng Jiewei from Dongguan in Guangdong province, close to Hong Kong, to nine months in prison for selling virtual private network (VPN) software through his own small independent website. VPN encrypts users' Internet traffic and routes it through a distant connection so that web surfers can hide their identities and location data while accessing websites that are usually restricted or censored by any country. Chinese citizens usually make use of VPNs to bypass the Great Firewall of China , also known as the Golden Shield project, which employs a variety of tricks to censor the Internet in the country. The project already blocked access to some 171 out of the world's 1,000 top websites, including Google, Facebook, Twitter, Tumblr, Dropbox, and The Pirate Bay in...

China's central bank today announced an immediate ban on all ICO—Initial Coin Offering—fundraising, to prevent fraud and illegal fundraising. ICO is the hottest new thing in the blockchain world, which is an alternative to crowdfunding that lets a firm raise funding from multiple sources. The People's Bank of China (PBoC), the country's central bank and financial regulator, has issued an official notice on Monday, forbidding "all types of currency issuance financing activities" that have "seriously disrupted the economic and financial order." This PBoC's bold move has been backed by many other Chinese government administrators and regulators including the China Securities Regulatory Commission, China Insurance Regulatory Commission and the Ministry of Industry and Commerce, and China Banking Regulatory Commission. This move marks the end of an era of ICO fundraising in China. The regulator claims that ICOs are being misused for "...

Exclusive — If you have an account on Taringa , also known as "The Latin American Reddit," your account details may have compromised in a massive data breach that leaked login details of almost all of its over 28 million users. Taringa is a popluar social network geared toward Latin American users, who create and share thousands of posts every day on general interest topics like life hacks, tutorials, recipes, reviews, and art. The Hacker News has been informed by LeakBase , a breach notification service, who has obtained a copy of the hacked database containing details on 28,722,877 accounts, which includes usernames, email addresses and hashed passwords for Taringa users. The hashed passwords use an ageing algorithm called MD5 – which has been considered outdated even before 2012 – that can easily be cracked, making Taringa users open to hackers. Wanna know how weak is MD5?, LeakBase team has already cracked 93.79 percent (nearly 27 Million) of hashed passwords s...