The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Registry Decoder - Digital Forensics Tool Digital forensics deals with the analysis of artifacts on all types of digital devices. One of the most prevalent analysis techniques performed is that of the registry hives contained in Microsoft Windows operating systems. Registry Decoder was developed with the purpose of providing a single tool for the acquisition, analysis, and reporting of registry contents. Download Here

20 Famous websites vulnerable to Cross Site Scripting (XSS) Attack Most of the biggest and Famous sites are found to be Vulnerable to XSS attack . Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Recently, vulnerabilities of this kind have been exploited to craft powerful phishing attacks and browser exploits. Cross-site scripting was originally referred to as CSS, although this usage has been largely discontinued. Hacker with code name " Invectus " list some such famous sites with XSS vulnerability as listed below : 1.) https://video.state.gov/en/search/img-srchttp-i55tinypiccom-witu7dpng-height650-width1000/Ij48aW1nIHNyYz0iaHR0cD...

Games.com XSS Vulnerability by Cyber4rt One of the Biggest site for Hasbro Games, Video Games & Online Games - Games.com having XSS Vulnerability as shown in screenshot and Discovered by " Acizninja DeadcOde " at  Cyber4rt .

Python supply chain attacks are surging in 2025. Join our webinar to learn how to secure your code, dependencies, and runtime with modern tools and strategies.

ComodoHacker  responsible for DigiNotar Attack The hacker warns the Internet community that he has access to 4 other high-profile CAs, among them being GlobalSign, a certification authority from the U.S. He threatens that he will use his power over the companies to issue false certificates, which will later become the weapon of his revenge against countries who deserve it.In his own words, he said " I won't talk so many detail for now, just I wanted to let the world know that ANYTHING you do will have consequences, ANYTHING your country did in past, you have to pay for it... ". Complete Message here . An Iranian hacker posting a message on a Pastebin account boasting of his exploits and claiming to have access to more CAs. As a proof to show that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network:Pr0d@dm1n . Around 300.000 unique requesting IPs to google.com have been identified," Fox-IT said in the report. On Aug. 4 the ...

DDOs Tracer - 1.0 Released by MaxPainCode At most any time of the day, there's a distributed denial-of-service (DDOS) attack underway somewhere on the Internet. Yes, it's still true, despite reports that some ISPs have experienced fewer DDOS attacks overall during the last six months. It's a matter of quality, not quantity: " When DDOSes do occur, they are done with much greater purpose than they used to be ," says Rodney Joffe, senior vice president and senior technologist for Neustar, a directory services and clearinghouse provider for Internet industry. " They are usually to obscure what's [really] happening in the background ." So if you want to be safe and trace someone like a pro here is the tool that is being used by tracing the ms per second and then if the site goes down or just get lot of traffic it will report the time that the attacker started his web attack, that is really good as you can report the attack and give to police more inf...