The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Ever registered on StarBucks website? Change your passwords now! If you are one of those Millions Starbucks customers who have registered their accounts and credit card details on StarBucks website, then your banking details are vulnerable to hackers. An Independent Security Researcher, Mohamed M. Fouad from Egypt, has found three critical vulnerabilities on StarBucks website that could have allowed attackers to take over your account in just one click. The vulnerabilities include: Remote Code Execution Remote File Inclusion lead to Phishing Attacks CSRF (Cross Site Request Forgery) Stealing Credit Cards Details In case of Remote File Inclusion flaw, an attacker can inject a file from any location into the target page, which includes as a source code for parsing and execution, allowing attacker to perform: Remote Code Execution on the company's web server Remote Code Execution on the client-side, potentially allowing attacker to perform othe...

Whenever you go to Buy any Electronic Gadget — Phone, Tablet, Laptop, Watch — the most important specification isn't its processor speed or its camera quality. It's how long the device's battery backup is. Imagine easy access to such batteries that provide more battery power after charging it once, do not give up in less time and have a life of many years. To achieve this, the researchers at Massachusetts Institute of Technology (MIT) and Samsung , have developed a new material that could potentially revolutionize the Battery industry. Researchers have solved all these Battery issues with just one weird practical approach, called Solid-State Electrolytes . Today the cells we depend on contain Liquid-State Electrolyte , the researchers thought of replacing the one with a Solid form of electrolyte. Solid-State Electrolytes could simultaneously address the greatest challenges associated with improving lithium-ion batteries (LIB) , with the possibility to increas...

A Critical vulnerability discovered in Mozilla's popular Bugzilla bug-tracking software , used by hundreds of thousands of prominent software organizations, could potentially expose details of their non-public security vulnerabilities to the Hackers. So it's time for developers and organizations that use Bugzilla open source bug tracking system to upgrade to the latest patched versions – namely 5.0.1, 4.4.10, or 4.2.15 . Bugzilla is a vulnerability database used by Mozilla as well as many open-source projects and private organizations. Besides patched flaws, these databases also contain sensitive information related to unpatched vulnerabilities reported to organizations. Unfortunately, the researchers at security firm PerimeterX have discovered a vulnerability ( CVE-2015-4499 ) in Bugzilla's email-based permissions process that allowed them to gain high-level permissions on Bugzilla. As a result, it is potentially possible for an attacker to easily access u...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

iOS 9 is out, and it's time to update your iPhone or iPad to the latest version of Apple's mobile operating system. The new iOS is better, faster, and more efficient than its predecessors, with a number of new features and improvements including enhanced multitasking for iPad, Proactive Assistant Siri, new Low Power mode, Transit directions in Maps and many more. You need to download iOS 9 right away. But, after installing it on your iOS device, you should immediately change these security settings to protect your privacy. Besides various new features, iOS 9 also comes with a handful of security and privacy improvements. So, before doing anything like loading new apps, customizing your phone, or syncing your data, you need to check these settings – and if necessary, changed. 1. Locking the Door Boost iOS 9 Security by Setting a Longer 6-digit Passcode When you set up an iOS device, you are asked to create a passcode to encrypt your entire iPho...

The Existing Infrastructure used by Financial institutions like Banks is Archaic, Slow, and Costly, with hardly any innovation in the past three decades. Nine of the World's renowned Banks, including JPMorgan , Royal Bank of Scotland , Goldman Sachs and Barclays , are collaborating with New York-based financial tech firm R3 to create a new framework based on Bitcoin's Blockchain. Yes, they are back in the game yet again, but this time officially! Blockchain — the public and decentralized ledger technology that underpins all Bitcoin transactions has been now recognized as " the future for financial services infrastructure ". The blockchain technology is a way of keeping records by listing the owner's name with all the previous and present transaction the client was involved. It is a public ledger where a list of all the transactions ever executed is maintained. The Banks are planning to develop and implement Blockchain-like Technology where distributed/shared ...