The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

MTPuTTY 1.0 Beta - Multi-Tabbed PuTTY Released MTPuTTY (Multi-tabbed PuTTY) helps you to manage different PuTTY connections in one tabbed GUI interface. Every PuTTY connection runs in a separate tab and you can switch between PuTTYs as easy as you switch between opened pages in web browsers. When you need, you can detach PuTTY window from tab and convert it back into normal PuTTY application. MTPuTTY Features All PuTTY features Supports all PuTTY protocols - SSH, Telnet, Rlogin, Raw. Supports PuTTY session. You can control and change PuTTY command line parameters. You can run PuTTY configuration from within the program. Automation :  Can automatically login the remote servers and "type" your passwords. Can run any script after login. Can "type" a script in several PuTTY tabs simultaneously. Easy to use :  Clear tabbed user interface. Servers are grouped in a sidebar. Taskbar to quick access to basic program tasks. Any PuTTY tab can be detached and converte...

Philippine Nuclear Research Institute (PNRI) Hacked by PrivateX PrivateX hackers defaced the website of the Philippine Nuclear Research Institute (PNRI) and left a message accusing another government agency of corruption. The " PrivateX " group redirected visitors to the PNRI website to a custom Pastehtml page featuring its logo. PNRI website was hacked to support President Benigno Aquino III and his State of the Nation Address (SONA). Message By Hackers : Message : LTO REGION 7 & Operations OFFICE MAGNANAKAW KURAKOT (Land Transportation Office Region 7 and Operations Office, thieves)!!!!" it said in its latest cyberattack.Nothing was harmed except your integrity... Corruption, lack of education, and lack of opportunity. [ Source ]

Rankmyhack got hacked by HaxOr Rankmyhack.com got hacked by " HaxOr ". Rankmyhack.com is a website, lets hackers submit and rate each others hacks in order to determine the world's best hacker. According to the New York Times , the site has picked up at least 700 members since it launched at the end of July. The bounty section of this site was created in an attempt to focus the abilities of talented hackers against political and government forces that need to be put back in line. Hax0r hack and upload a text file on server as shown. Message written in page " Greetz to all members of Team INTRA...Secure your shit! ". We ( THN ) check " Upload " folder on FTP of same site, which list all image files uploaded there. One of the Image file with name " jodete.jpg " is supposed to be PHP SHELL uploaded by Hacker for Hacking attempt. UPDATE :  Rankmyhack.com Server also got hacked by T H E N 4 7 7 :  https://pastebin.com/bq8xJPMn

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

CSLSecurity Hacked by TeaMp0isoN CSL Security hacked by TeaMp0isoN . CSL Security claim to be " New LulzSec " type hacking Group. Their goal is to show that most of the important websites are vulnerable,They claim to show that any system can be compromised, nothing is secure. They Hit Sites, generally hack the Govt sites. Hacked site :  https://www.cslsecurity.com/ Mirror of hack :  https://zone-h.org/mirror/id/14799769

Steve Jobs Resigns as Apple CEO Steve Jobs has resigned as chief executive officer of Apple (AAPL). The company has promoted chief operating officer Tim Cook to the position of CEO and said that Cook will join the company's board of directors. Jobs will become Apple's chairman. Here is a copy of Jobs' resignation letter: To the Apple Board of Directors and the Apple Community: I have always said if there ever came a day when I could no longer meet my duties and expectations as Apple''s CEO, I would be the first to let you know. Unfortunately, that day has come. I hereby resign as CEO of Apple. I would like to serve, if the Board sees fit, as Chairman of the Board, director and Apple employee. As far as my successor goes, I strongly recommend that we execute our succession plan and name Tim Cook as CEO of Apple. I believe Apple''s brightest and most innovative days are ahead of it. And I look forward to watching and contributing to its success in a n...

# Anonymous Leaks Nude Pics of # BART Spokesman A member of Anonymous has set up a blog (NSFW) exposing BART spokesman Linton Johnson's, uh, Johnson. The blog shows a couple photos (CAUTION: photos contain nudity) of Johnson cavorting at an outdoor party, pulling down his pants and revealing his dong. Also the message: " If you are going to be a dick to the public, then I'm sure you dont mind showing your dick to the public… " Linton became an Anonymous target after he revealed that he was the one who came up with the idea to shut down cell service at BART stations to prevent protests earlier this month over the shooting death of a homeless man at the hands of BART Police.

Cyber war against Israel have taken very dangerous turn The Cyber war between Egypt and Israel have taken very dangerous turn by setting normal internet users as target for botnet attacks. Since week ago some Egyptian hackers attacked so many Israeli's gov communities and organizations on the internet. Israeli prime minister Netanyahus for example . But yet it wasn't very scary attacks level , as it was far from the normal computer users. In Sudden escalation for the attack level , an Egyptian group launched computer worm which infected about 50000 personal computer in Israel and united states. Despite of my virtual machine security level , it was also infected by the same worm. I (Reuben Rayner) didn't notice that am infected till the attackers launched an exe file which viewed message in the full screen mode. Quits of the attackers message  they started with the word "Anti-Zionism"  " If u can see this message this mean that u either from israel o...

Egyptian Consulate in United Kingdom Defaced Cocain hackers Cocain Hacker deface the website of  Egyptian Consulate in United Kingdom. Mirror of hacked site is available on Zone-H .

Knock v1.5  - Subdomain Scanner , allows to bypass wildcard Knock is a python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. This program is self contained, doesn't need to be installed in any particular location. All it needs is a recent version of Python 2.xOnly for use the Zone Transfer option (-zt) you must install the module dnspython, otherwise you can do without. If the name server allows zone transfers to occur, all the DNS names and IP addresses hosted by the name server will be returned in human-readable ASCII text. Usage $ python knock.py <option> <url> Rapid Scan Scanning with internal wordlist: $ python knock.py <url> Scanning with external wordlist: $ python knock.py <url> <wordlist> Options -zt Zone Transfer discovery: $ python knock.py -zt <url> -dns Dns resolver: $ python knock.py -dns <url> -wc Wildcard testing: $ python knock.py ...

Thehacker12 Dumps Logins for 20,000 Customers and U.S. Employees ThEhAcKeR12  has hacked into an events management company and obtained sensitive information belonging to 20,000 individuals, many of whom were United States government employees or contractors. Hacker posted an Excel spreadsheet containing login credentials and personal information for 20,000 people obtained from allianceforbiz.com . Allianceforbiz.com is a professional trade show management company that manages conferences, meetings and trade shows for customers, according to the company Website. The list has been made public on Pastebin and Mediafire and a message posted on Twitter: " 20,000 email-passwords had been leaked consisting mostly of US Mill Army, Govern. & corporate giants ." The spreadsheet contains usernames, passwords, e-mail addresses. company name. The file also contained 17,668 company names, of which 14,739 were unique, and most had only one e-mail address associated with ...

German Gema website hacked by Anonymous Hackers The GEMA website was hacked by Anonymous. Here is a screenshot who was circulating now the whole web presence disappeared. Whoever wants to playback or perform music in public in Germany will become, as a rule by doing this, a customer of GEMA. GEMA (Society for musical performing and mechanical reproduction rights) is a performance rights organization from Germany. It is the only institution in Germany. GEMA represents some 60,000 composers, authors and music publishers and the rights of more than a million copyright owners internationally whose works are used in Germany.

XSS vulnerability in Bing.com Maps One of the Security Researcher " Juan Sacco (runlvl) " - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine. BING.COM is prone to a XSS vulnerability because the application failsto properly perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in thevictim's browser. Details : The reflected XSS vulnerability is a variant of a cross-site scriptingflaw: it occurs when the data provided by the attacker is exectued bythe browser, and then displayed on "normal" pages returned to otherusers in the course of regular browsing, without proper HTML escaping. Aclassic example of this is with online message boards where users areallowed to post HTML formatted messages for other users to read. Vulnerable Link

Android Trojan GingerMaster  Uses Gingerbread Root Exploit As our smartphones become more ubiquitous and more powerful, they need to be protected in much the same way that you would protect your computer. Further to this, a malicious piece of malware has been discovered for devices powered by Android 2.3.3 Gingerbread, giving the hacker the ability to take complete control of the smartphone remotely. According to Assistant Professor Xuxian Jiang from the NCSU Department of Computer Science, the new threat, which his team has dubbed GingerMaster, is the first malware to use the root exploit for Android 2.3. " As this is the first time such malware has been identified, it is not surprising when our experiments show that it can successfully evade the detection of all tested (leading) mobile anti-virus software, " he writes . Once the GingerMaster malware is installed and has root privileges, it then reaches out to a remote command-and-control server and asks for instr...