The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

RedHack deface 1000 sites for Turkey #AntiSec RedHack Hackers Group deface more than 1000 websites today. The complete list of hacked sites are here  . The hack is done in support of Anonymous and Operation Antisec. The hackers also release a press Release as below with Reason of this hack.  Press Release By Redhack : Our people from all nationalities and Revolutionary, Democrat, Patriotic and Opposition Comrades, Since 1997 our objective is, to be the "common voice" of revolutionaries in digital arena and have carried out our actions according to this strategy. On the anniversary of Sivas Massacre which took place on 2nd July 1993 and resulted in death of thirty-five intellectuals, singer, authors and poets; we have hacked hundreds of websites belongs to Adnan Oktar also known as Harun Yahya bigot and collaborating fascist websites in order to announce that we have not forgotten this massacre and will not let it be forgotten.  We have also taken opportunity to ...

FOX News Twitter Account Hacked by 5CR1PT K1DD3S Fox News Politics Twitter account @foxnewspolitics  hacked last night.  The account's icon had been changed from the Fox News Politics logo and featured the following new description: " H4CK3D BY TH3 5CR1PT K1DD3S. " Hacker's Personal account was  @TheScriptKiddie on twitter, but After hack, Twitter has suspended his account. Then hacker made another announcement via  Fox News Politics Twitter account  that " twitter has suspended TheScriptKiddie please follow @ScriptKiddi3 for future releases. we have confirmed Fox News is aware of the attack. " THN talk with " The Script Kiddies " Group. They Reply : " We are a new group called The Script Kiddies. As i have stated in past interviews we do have connections to anonymous, however this does not represent them in anyway. personally I have been part of many hacks leading back to HBgary and #operationPyaback with anonymous . we will not ...

Microsoft.com.br (Brasil) hacked by TG hacker Microsoft Brasil https://microsoft.com.br/ Got defaced by Hacker named " TG ". Hacker redirect  server address microsoft.com.br  to the page of Microsoft Brazil. Instead of being sent to the developer page of Windows, the Internet user that accesses the address is faced with a message published by hackers as  " Ms Brazil 0wn3d by TG " .  The forwarding service is hosted on an external server.

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

Oracle website vulnerable to SQL injection vulnerability Oracle database website itself vulnerable to SQL injection attack. The website having a loophole by which any attacker can easily hack into it. The vulnerability is found and submitted by Hacker " m@m@ ". Oracle provides the world's most complete, open, and integrated business software and hardware systems to more than 370,000 customers including 100 of the Fortune 100 that represent a variety of sizes and industries in more than 145 countries around the globe. The combination of Oracle and Sun means that customers can benefit from fully integrated systems the entire stack, from applications to disk that are faster, more reliable, and lower cost. But the website now itself compromised with SQL injection attack. I am providing the link and a screen sort show that you can easily sort out the vulnerability.  Here is the link:  https://labs.oracle.com/dmp/patents.php?uid=mherlihy'%20and%201=0%20union%20sele...

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker) After Sony hacks, Idahc(lebanese hacker) is back to strike Apple.com . He found two vulnerability on  https://consultants.apple.com/  as listed below. Iframe Injection : Click here Blind SQL INjection: C lick Here Examples of the injections: Example One Example two Two days before Another sub-domain of Apple's database was hacked with SQL injection by Anonymous : Read Here Hacker Expose the Database ,extracted using Blind Sql injection on a pastebin link .  According to Hacker " I am Idahc(lebanese hacker) I found a Blind SQLI and Iframe Injection on AppleI am not one of Anonymous or Lulzsecand I am against The ANTISEC OPERATIONBUt this is a poc with not confidential informationI didn't dump users,emails,passwords........ ".

Stuxnet Source Code Released Online - Download Now Stuxnet is a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that crackers have targeted industrial systems,it is the first discovered malware that spies on and subverts industrial systems,and the first to include a programmable logic controller (PLC) rootkit. Stuxnet is designed to programmatically alter Programmable Logic Controllers (PLCs) used in those facilities. In an ICS environment, the PLCs automate industrial type tasks such as regulating flow rate to maintain pressure and temperature controls. Source Code Download Another Video Presentation on Stuxnet by Hungry Beast .

Apple database hacked with SQL injection by Anonymous Anonymous hackers announce on twitter that Apple can be there next target. They expose one SQL vulnerability on Apple domain with One table "Users" data. Vulnerable Link :   https://abs.apple.com:8080/ssurvey/survey?id= Exposure Link :   https://pastebin.com/tkmZDG9m These all hacks now consider under Operation Antisec by Anonymous and Lulzsec Members.

4 big business sites database backup leaked by Serious BLack  ! One of the Indian hacker "Serious BLack " found the SQL database backup on the 4 big business sites. These SQL dumps are hosted by Site admins on FTP that has been leaked. Sites are:  https://www.assembla.com/   =>  https://pastebin.com/YpdfGsQN https://www.nganhoa.co.cc/hoa.sql https://www.seoguru.co.uk/seogurl.sql https://www.33photo.com/backup.sql

WebSurgery v0.5 - Web app testing tool Released WebSurgery is a suite of tools for security testing of web applications. Itwas designed for security auditors to help them with the web applicationplanning and exploitation. Currently, it uses an efficient, fast and stableWeb Crawler, File/Dir Bruteforcer and Fuzzer for advanced exploitation ofknown and unusual vulnerabilities such as SQL Injections, Cross sitescripting (XSS), brute-force for login forms, identification offirewall-filtered rules etc. Download Setup Download Portable Documentation

Pepper (Dating site) hacked by Anonymous #Antisec One of the Biggest Online dating website Pepper  https://www.pepper.nl/  hacked by Anonymous Hackers for Operation Antisec. Huge Data breached, 52000 users/passwords of users leaked by Anonymous on twitter on  https://privatepaste.com/af59e5a969

TriNity (Indian Girl Hacker) Strikes again to server with 690 websites Indian hacker girl, TriNity Strikes After along time. This time she  hack a windows server with 690+ Sites at 66.113.131.74 . Site attacked : https://www.coin.info/ https://catapult.coop/ Mirror of some sites on the same server : https://mirror.sec-t.net/defacements/?id=49702 https://mirror.sec-t.net/defacements/?id=49698 Complete List of Site : https://pastebin.com/4sF7ZQAB

UP Rajarshi Tandon Open University Allahabad Website Hacked Website of UP Rajarshi Tandon Open University Allahabad Hacked last night. Link  https://www.uprtou.ac.in/ Hacker wrote message on the site " SECURE YOUR WEBSITE.. OR ELSE GET HACKED BY SOMEONE...The Education system in India sucks.. Till when we would be learning all the bullshit physics, chem, history and commerce.. We need some real knowledge.. Baccha, kabil bano.. kamyaabi jhak marke peeche aayegi.. lol. .sorry admin.. just resotre your site..Don't worry.. nothing has been deleted... " Legend H mirror : https://legend-h.org/mirror/187224/uprtou.ac.in

Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6 Official Change Log: o [NSE] Added 40 scripts, bringing the total to 217!  You can learn  more about any of them at https://nmap.org/nsedoc/. Here are the new  ones (authors listed in brackets):  + afp-ls: Lists files and their attributes from Apple Filing    Protocol (AFP) volumes. [Patrik Karlsson]  + backorifice-brute: Performs brute force password auditing against    the BackOrifice remote administration (trojan) service. [Gorjan    Petrovski]  + backorifice-info: Connects to a BackOrifice service and gathers    information about the host and the BackOrifice service    itself. [Gorjan Petrovski]  + broadcast-avahi-dos: Attempts to discover hosts in the local    network using the DNS Service Discovery protocol, then tests    whether each host is vulnerable to the Avahi NULL UDP packet    denial...

Official Website of Amy Winehouse - Songer/Songwriter Defaced Amy Jade Winehouse official website  https://www.amywinehouse.com/   defaced by Anonymous hackers for Antisec . Amy Jade Winehouse  (born 14 September 1983) is an English singer-songwriter, known for her powerful contralto vocals and her eclectic mix of various musical genres including R&B, soul, and jazz. She has received publicity over her substance abuse and mental health issues. Related hack => Meggit - US Military and Law Enforcement equipment supplier hacked for #Antisec - Read here

Meggit Database Hacked - US Military and Law Enforcement equipment supplier for #Antisec Database of www.meggitttrainingsystems.com a US Military and Law Enforcement equipment supplier has been hacked and exposed by Anonymous ( The Bash Crew ) .  Hackers said " People of the USA your government puts there trust and your money into these people and we got into there database useing a google dork and a simple sql injection.Any ways we hope this will cause many lulz atleast in spamming heads of the corp's and government that choose such a poorly secured site. " vUNL link :  https://www.meggitttrainingsystems.com/main.php?id=119 Hackers Release database on Pastebin :  https://pastebin.com/0r4A9DVR

Mesa Arizona Fraternal Order of Police website hacked, Data exposed ! Anonymous Hackers deface Mesa Arizona Fraternal Order of Police website -  https://mesafop.com/  . This hack is done for Operation Antisec. The Post a message and All data of  Arizona Police on the deface page. Alternate you can see written part on :  https://pastebin.com/RakyZgJE  . Hackers claim to deface following domains : azfop.com, azfop78.com, azfop5.com, tucsonfop.com, mesafop.com,azfop32.com, azfop50.com, azfop44.com, azfop62.com, azfop58.com Hackers expose Credit Card details and Email/Passwords of lots of officers Not only this, They also expose the usernames and passwords for 1200 FOP members in deface page.

SQL Injection Vulnerability in Google Lab Database System Very Big & Critical Vulnerability detected in Google Lab System. Vendor is already reported by hackers, But they don't take positive step in this case, so finally hackers exposed  the vulnerability in public by  Bangladesh Cyber Army Admin - Shadman Tanjim on their Forum . Google Lab Website has SQL Injection Vulnerability and Dangerous thing is this Vulnerability is Exploitable. Hackers are able to get Tables, columns and data from Database. Google Lab Database has his own customize DB system. But Interesting things is their database system is Similar as Ms Access database. In this case Ms Access SQL Injection System is Also Work on Google Lab Database system. Statement By Hacker : I already contact with Google Corporation but they don't give positive response, I think this is their big fault,  and will suffer for that. But if they give Positive response t...

MasterCard downed by ISP, not Anonymous hackers Two days before Anonymous declare that MasterCard again down by Ddos attack in support of Wikileaks & Anonymous via twitter . It was shortly after MasterCard went down that someone on Twitter, known as ibomhacktivist, promoted " MasterCard.com DOWN!!! ", adding the site was down for messing with WikiLeaks and Anonymous. But in actual, MasterCard.com was offline, and shortly after the outage was noticed by the public, someone on Twitter claimed credit. In a statement, MasterCard blamed the outage on an ISP issue, without discounting that they were attacked upstream. " MasterCard's corporate, public-facing Website experienced intermittent service disruption, due to a telecommunications/Internet Service Provider outage that impacted multiple users. It is important to note that no cardholder data has been impacted and that cardholders can continue to use their cards securely. We are continuing to monitor the situation c...

Indonesian and Australian police launched Cyber Crime Investigation Center Indonesian and Australian police officially launched a joint project called the Cyber Crime Investigation Center. The center was officiated by Indonesian National Police chief Gen. Timur Pradopo and Australian Federal Police chief Comr. Tony Negus at the National Police Headquarters in Jakarta on Thursday. Timur said the center had been planned since six months ago. " Today, we launch the center, which will be equipped with tools needed to carry out cyber crime investigation ," Timur said, adding that its communication technology equipment was being provided by the Australian government." Of course, this [center] will improve our capacity to detect and [investigate cyber] crimes, particularly transnational crimes ," he said. Negus said the center would allow the Indonesian National Police to deal with technology and IT-related crimes. He added that the Australian police force was looki...

OpenSSH 3.5p1 Remote Root Exploit for FreeBSD OpenSSH 3.5p1 Remote Root Exploit for FreeBSD has been shared by kcope on twitter . The Released note is as given below : OpenSSH 3.5p1 Remote Root Exploit for FreeBSD Discovered and Exploited By Kingcope Year 2011 -- The last two days I have been investigating a vulnerability in OpenSSH affecting at least FreeBSD 4.9 and 4.11. These FreeBSD versions run OpenSSH 3.5p1 in the default install. The sshd banner for 4.11-RELEASE is "SSH-1.99-OpenSSH_3.5p1 FreeBSD-20060930". A working Remote Exploit which spawns a root shell remotely and previous to authentication was developed. The bug can be triggered both through ssh version 1 and ssh version 2 using a modified ssh client. During the investigation of the vulnerability it was found that the bug resides in the source code file "auth2-pam-freebsd.c". https://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/Attic/auth2-pam-freebsd.c This file does not exist in Fre...