The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Pirate Bay — a widely popular file-sharing website predominantly used to share copyrighted material free of charge — is once again in trouble, this time in Europe. The European Union Court of Justice (ECJ) ruled today that Dutch ISPs can block access to The Pirate Bay, as the Swedish file-hosting website facilitates an "act of communication" by allowing users to post and obtain torrents for pirated films, TV shows and music for free. Dutch anti-piracy group Stichting Brein (BREIN) in 2009 filed a case against local Internet Service Providers (ISPs) Ziggo and XS4ALL, and in 2012, the District Court of The Hague ruled that the ISPs must block users from accessing The Pirate Bay. However, Ziggo and XS4ALL, ISPs successfully overturned the decision two years later with the court ruling against BREIN and concluding that the blockade restricted the internet providers entrepreneurial freedoms. BREIN group then took the same case to the Supreme Court, who eventually r...

The United States government has released a rare alert about an ongoing, eight-year-long North Korean state-sponsored hacking operation. The joint report from the FBI and U.S. Department of Homeland Security (DHS) provided details on " DeltaCharlie ," a malware variant used by " Hidden Cobra " hacking group to infect hundreds of thousands of computers globally as part of its DDoS botnet network. According to the report, the Hidden Cobra group of hackers are believed to be backed by the North Korean government and are known to launch cyber attacks against global institutions, including media organizations, aerospace and financial sectors, and critical infrastructure. While the US government has labeled the North Korean hacking group Hidden Cobra, it is often known as Lazarus Group and Guardians of Peace – the one allegedly linked to the devastating WannaCry ransomware menace that shut down hospitals and businesses worldwide. DeltaCharlie – DDoS Botnet M...

As part of June's Patch Tuesday, Microsoft has released security patches for a total of 96 security vulnerabilities across its products, including fixes for two vulnerabilities being actively exploited in the wild. This month's patch release also includes emergency patches for unsupported versions of Windows platform the company no longer officially supports to fix three Windows hacking exploits leaked by the Shadow Brokers in the April's data dump of NSA hacking arsenal . The June 2017 Patch Tuesday brings patches for several remote code execution flaws in Windows, Office, and Edge, which could be exploited remotely by hackers to take complete control over vulnerable machines with little or no interaction from the user. While two of the vulnerabilities have been exploited in live attacks, another three flaws have publicly available proof-of-concept (POC) exploits that anyone could use to target Windows users. Vulnerabilities Under Active Attack The two vul...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

Did you know… last month's widespread WannaCry ransomware attack forced Microsoft to release security updates against EternalBlue SMB exploit for unsupported versions of Windows, but the company left other three Windows zero-day exploits unpatched? For those unaware, EternalBlue is a Windows SMB flaw that was leaked by the Shadow Brokers in April and then abused by the WannaCry ransomware to infect nearly 300,000 computers in more than 150 countries within just 72 hours on 12th of May. Shortly after WannaCry outbreak, we reported that three unpatched Windows exploits , codenamed " EsteemAudit, " " ExplodingCan ," and " EnglishmanDentist ," were also being exploited by individuals and state-sponsored hackers in the wild. Specially EsteemAudit , one of the dangerous Windows hacking tool that targets remote desktop protocol (RDP) service on Microsoft Windows Server 2003 and Windows XP machines, while ExplodingCan exploits bugs in IIS 6.0 and E...

In this year's annual event, Apple announced that the company had paid out $70 Billion to developers in the App Store's lifetime and that $21 Billion of the amount was paid in the last year alone. But has all this money gone to the legitimate app developers? Probably not, as app developer Johnny Lin last week analyzed the Apple's App Store and discovered that most of the trending apps on the app store are completely fake and are earning their makers hundreds of thousands of dollars through in-app purchases and subscriptions. Scammers Use 'Search Ads' Platform to Boost App Ranking Shady developers are abusing Apple's relatively new and immature App Store Search Ads, which was launched at last year's Worldwide Developers Conference (WWDC), to promote their app in the store by using a few strategically chosen search ads and a bit of SEO. "They're taking advantage of the fact that there's no filtering or approval process for ads, and ...

Over 800 different Android apps that have been downloaded millions of times from Google Play Store found to be infected with malicious ad library that silently collects sensitive user data and can perform dangerous operations. Dubbed " Xavier ," the malicious ad library, initially emerged in September 2016, is a member of AdDown malware family, potentially posing a severe threat to millions of Android users. Since 90 percent of Android apps are free for anyone to download, advertising on them is a key revenue source for their developers. For this, they integrate Android SDK Ads Library in their apps, which usually doesn't affect an app's core functionality. According to security researchers at Trend Micro , the malicious ad library comes pre-installed on a wide range of Android applications, including photo editors, wallpapers and ringtone changers, Phone tracking, Volume Booster, Ram Optimizer and music-video player. Features of Xavier Info-Stealing Malware...