The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

United Nations Sub-Domain of Swaziland hacked by Cocain Team Hackers Swaziland sub domain of United Nations website Got defaced by Cocain Team Hackers. Mirror of hack also posted on Zone-H. Last hacks By Cocain Team Hackers are : Official site of NDRRMC hacked by Cocain TeaM Egyptian Consulate in United Kingdom Defaced Cocain hackers NERC - National Syrian energy research center Defaced by Cocain Team Youth Peer Education Network (YPEER) Of Syria Defaced by Cocain TeaM

Theregister.co.uk , Vodafone, Telegraph, Acer, National Geographic got hacked by Turkguvenligi The Register  One of the Biggest British technology news and opinion website got hacked by Turkguvenligi . Not only this Vodafone , Telegraph , Acer , National Geographic , Ups.com  , betfair.com  also got hacked by him.  Turkguvenligi is also know with name " TG Hacker '. These hacks are done by DNS Hijacking  method. But still theregister.co.uk and other sites are accessible via the original IP address ( 68.68.20.116 ) from several places around the world. Nameserver lookup of the register has the following nameservers now: theregister.co.uk. 86129 IN NS ns4.yumurtakabugu.com. theregister.co.uk. 86129 IN NS ns2.yumurtakabugu.com. theregister.co.uk. 86129 IN NS ns1.yumurtakabugu.com. theregister.co.uk. 86129 IN NS ns3.yumurtakabugu.com. But, It should probably look something like: theregister.co.uk nameserver = ns1.theregister.co.uk theregister....

European Union hacked by Inj3ct0r Team One of the Sub domain of European Union hacked and Defaced by Exploit writers at  Inj3ct0r Team . Hacker deface the web page and wrote : We are against nuclear weapons.  We are against violence in Libya.  We are against the arrest of policy Tymoshenko's in Ukraine. We are opposed to Russian influence in the territory of Ukraine!  Fuck off Russian President Medvedev, Prime Minister Putin , and Ukraine President Yanukovich !  You are idiots! You are trying to scold the Slavic peoples.  Soon your conspiracy against Ukraine will be published on WikiLeaks !  Ukraine will never be a colony of Russia ! You can arrest me, but you do not arrest the idea.  I am not alone, we are legion. *** Незалежна Україна Від розпроданих банкірів, Партії продавших, Від гнучких політиків, Голоси віддавших, Від прем'єр-міністрів, Що мови не знають, І від зеків-президентів, Що опозицію саджають... *** Hacker P...

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...

100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group Cyber-Warrior / AKINCILAR Group has started an attack about the political tension between Turkey and Israel (Ahmet Davutoglu - Dr. Michael Ben-Ari), and they still keep attacking. Cyber-Warrior / AKINCILAR Group made a name for themselves by hacking thousands of websites that insults their country, religion and nation. The group is called as " Virtual Castle of Turkey ". Within the context of attack the website of Dr. Michael Ben-Ari who attracted attention by saying " Turkey should be declared as enemy country ". To show their protest in the virtual world Cyber-Warrior / AKINCILAR Group has also hacked the free hosting service called 020.com 's all the websites. After the attack the personal website and thousands of other Israel websites' homepages changed with the same text. The following text have put on hacked websites' homepages: " Israel has to apologize from Turkey and all Islamic world because of ...

BackBox Linux 2 released The BackBox team is proud to announce the release of BackBox. Linux 2.BackBox 2 features the following upstream components: Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8. BackBox is an Ubuntu-based distribution developed to perform penetration tests and security assessments. It is designed to be fast and easy to use. It provides a minimal yet complete desktop environment, thanks to its own software repositories, which are always updated to the latest stable versions of the most often used and best-known ethical hacking tools. What's new System upgrade Performance boost New look and feel Improved start menu Bug fixing Hacking tools new or updated Three new section: Vulnerabilty Assessment, Forensic Analysis and VoIP Analysis Much, much more! System requirements 32-bit or 64-bit processor 256 MB of system memory (RAM) 2 GB of disk space for installation Graphics card capable of 800×600 resolution DVD-ROM drive or USB port Download BackBox...

Mobile APP Network Forum Hacked, 15000 user accounts leaked Mobile APP Network Forum is Hacked by "Why So Serious?" hacker. He also hacked VBTeam.info and EA Game - Battlefield Heroes some days before. He leaked over 15.000 accounts of the community (Forum) on Pastebin in two parts. Part 1 Part 2

Pakistani Music site Database and Vulnerability Exposed by Maxt Breaker A hacker with name " Maxt Breaker " hack one of the Pakistani Music website and expose its  Database and Vulnerability via posting on public sites. Vulnerable Link is also shown in Image and some sample of database is also visible. Hacker claim to hack 996 User Email ID and Password from site and make them Public.

HDFC Bank Database Hacked by zSecure team using SQL injection vulnerability zSecure team is back in news again, this time they have discovered a critical SQL injection vulnerability in HDFC Bank's Web Portal. Using this critical flaw HDFC Bank's various databases can be accessed and dumped as well. This critical flaw really affects the customer realtions of HDFC Bank's and this really questions the existing security in place within bank. HDFC Bank is the leading bank in India but they lack behind the basic security that needs to be implemented. zSecure team claimed in their blog post that even after sending them complete details about the vulnerability and even after conducting the vulnerability assessment from the third party service provider they were not able to discover this critical falw which existed in their web portal. This really raises a big question on their existing security policy. What would have happened if somone else would have gained acceess to this c...

Anonymous Release Press Release for Operation Tarmageddon Early in July, Anonymous said it planned to attack oil firms and banks supporting the controversial extraction of oil from sand in Alberta, Canada. Exxon Mobil, ConocoPhillips, Canadian Oil Sands, Imperial Oil, and the Royal Bank of Scotland have been put on notice that they are likely to be targeted in Anonymous' latest operation, dubbed Project Tarmageddon. Complete Press Release : Early in July, deep below the radar of the Tar Sands Oil Industry, Anonymous and GreenSec boarded the LulzSub and began a journey of environmental justice. This journey had only one endpoint: success. With all the attention Anonymous recently had received , a sub was the sure choice to ensure maximum impact and minimum damage to the fleet. When Big Brother watches, you go under the surface. All July, we supported a protest against the Tar Sands oil industry, which ended in protesters dancing on the meeting table of the Governor of Montana...

Indian Government Computers are also Corrupted like Government One of the Indian Hacker named " nomcat " claim to hack into the Indian Prime Ministers Office Computers and install R.A.T (remote administration tool ) in them. He also Expose the Vulnerability in Income Tax website and Database Information. Press Release By Hacker : Our team wanted to release this information with interests of the people and to expose out to the world how corrupt the Indian Government and this is one of the best examples ... The IT department of India is vulnerable to SQL injection it allows the "attacker" to view and edit all the databases ,tables ,columns and data stored within them since there a LOT of tables we are not yet done fully exploring them and we are letting out only the data we think is the least affecting to our country's security , But what we should learn is that this is one of the simplest hacking methods and most of the work can be done by point and click ap...

Vulnerability Master 1.0 Released By MaxPain Video Demostartion Download Vulnerability Master 1.0

VBulletin Underground Website Hacked By ' Why So Serious ' Vbteam.info is underground vBulletin Hacking website. It provides free vBulletin. This website is hacked by a new hacker named as " Why So Serious? ". He also hacked EA Game - Battlefield Heroes Accounts . He leaked 1400+ accounts of the Vbteam.info forum in pastebin .

Persistent XSS vulnerability in eBuddy Web Messenger A team member from Virtual Luminous Security , Russian Federation, has discovered a persistent XSS vulnerability in eBuddy (the biggest web IM solution in the world) by transmitting messages with embedded encoded javascript code. In-depth detail eBuddy Web Messenger suffers from an encoded-Persistent XSS vulnerability in the messaging function. (while sendingA message with embedded code to another authorized user in eBuddy WebMessenger). Exploit example Plain XSS (Not going to store, nor execute) <script>alert('eBuddy Persistent XSS');</script> Encoded text=%3Cscript%3Ealert%28'eBuddy%20Persistent%20XSS'%29%3C/script%3E [*] The attacker sends the encoded embedded code in an IM message. [*] The victim receives the message with the encoded embedded code and it executes on the victims browser.