The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

When I was in school, I used to play outdoor games like basketball and badminton. When I was in college, I started taking more interest in playing computer games rather going out. But nowadays, children have completely changed their hobbies to programming, hacking, bug bounties in such a ways that just in half an hour of lunch break between classes they hacked ATM machine . A pair of ninth grade students, Caleb Turon and Matthew Hewlett , both 14 year old broke into a Bank of Montreal ATM during their lunch hours between classes by following an old ATM operators manual found online. The duo used the online manual to access the operator mode of the ATM machine in Winnipeg. They didn't use the accessed data to steal any amount from the ATM, rather they simply broke into the ATM machine and printed off information including users' transaction data, surcharge profits and the total cash held in the unit. HOW THEY HACKED INTO ATM MACHINE? Turon and Hewlett were not expectin...

A cyber campaign that was targeting iPhone and iPad owners with a sophisticated Ransomware in Australia and New Zealand last month, drawn special attention of online media and security analysts. Russian Authorities have arrested two young hackers from Moscow for their alleged involvement in compromising Apple ID accounts and then using ' Apple's Find My iPhone ' service to hold iOS devices for ransom. A Russian man aged 23 and a teenager aged 17 had been taken into custody in the Southern Administrative District of Moscow for their part in " blocking of Apple devices to extort funds ," claims the press release on the Russian Interior Ministry's website on Tuesday. According to the authorities, one of the suspects used phishing websites to trick victims into giving up their Apple ID username and password. The second suspect's activities are exactly same of the ' Oleg Pliss attack '. " The first involved gaining access to the victim's Apple ID by means of the c...

Yesterday, the most popular RSS reader Feedly was down as a result of a large scale distributed-denial-of service (DDoS) attack carried by the cybercriminals to extort money. On Wednesday, the Feedly was temporarily unavailable for its users. Feedly posted details of the attack at 5:00 AM ET on its blog saying that they were under a Distributed Denial of Service (DDoS) attack and cyber-criminals were demanding money in return for returning the service to its normal operations. " Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop, " Edwin Khodabakchian, founder and CEO of Feedly said in a statement on Wednesday. He also expressed regret, " We want to apologize for the inconvenience. Please know that you data is safe and you will be able to re-access your feedly as soon as the attack is neutralized. " Feedly is a very popular RSS feed service which is available for desktop, iOS and...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

Yahoo offers a web browser toolbar which includes apps for leading sites like Facebook, Yahoo! Mail, Weather and News. Yahoo Toolbar also known as Y! Toolbar is available for Internet Explorer, Firefox and Google Chrome web browsers. Yahoo Toolbar is one of the most popular and widely installed web browser add-on/extension. Many popular softwares like Java Update and thousands of free software including some Antivirus products promote Yahoo toolbar and bundled it into their installer files. A vulnerability has been reported in Yahoo Toolbar by Security Researcher Behrouz SAdeghipour , which causes cross site scripting flaw on popular websites like Flickr, Yahoo, Google, Pinterest, Youtube, Amazon, Twitter and many more. Yahoo Toolbar vulnerability triggers all previous non-exploitable XSS payloads on popular websites as shown below in multiple screenshots provided by Behrouz to The Hacker News .  The vulnerability resides in the way Toolbar intercept...

A quiet change in the privacy setting of its forthcoming iOS 8 smartphone Operating System, Apple could effectively block the path for advertisers, marketers, and other snoopers looking to collect data about you and your location from your Smartphone devices. When your mobile device scan for a free Wi-Fi network, whether at the shopping complex, airport, or restaurant, it sends out the MAC address which is a unique identifier of the device that allows devices to distinguish between one another on a network. Routers need this identifier to connect you to a network. Advertisers and retailers have been seeking to track these identifiers to help offer personalized advertisements to customers based on where they've been. Thanks to Apple's upcoming feature which will enhance users privacy to one step higher than other smartphone providers. Apple announced the change during its annual Worldwide Developers Conference (WWDC) in Cupertino last week, revealing that the feature will restrict ...

While shopping online we need to first surf through number of pages and then finally have to fill credit and debit cards details manually into the browser, which is the annoying for most of the user. But now the new Safari feature in iOS 8 solves this problem by integrating camera-based Credit and Debit card reader. Apple will soon introduce this feature to Safari in its latest Operating System iOS 8 that will allow its iPhone/iPad users to scan their physical credit and debit cards with their device camera and optical character recognition, according to 9to5Mac . So when a user has to shop online using their iPhone or iPad and reach the payment screen for payment, safari browser will automatically display this " Scan Credit Card " option. This option will help your camera to capture the image of your credit card, which the device will analyze by using the optical character recognition to input the card number into the appropriate text field in the online payment form ...