The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Over 130,000 Finnish citizens have had their credentials compromised in what appears to be third largest data breach ever faced by the country, local media reports . Finnish Communications Regulatory Authority (FICORA) is warning users of a large-scale data breach in a website maintained by the New Business Center in Helsinki ("Helsingin Uusyrityskeskus"), a company that provides business advice to entrepreneurs and help them create right business plans. Unknown attackers managed to hack the website ( https://liiketoimintasuunnitelma.com ) and stole over 130,000 users' login usernames and passwords, which were stored on the site in plain-text without using any cryptographic hash. Right after knowing of the breach on 3rd April, the company took down the affected website, which is currently showing "under maintenance" notice with a press release about the incident on its homepage. "We are very sorry for all the people who have been subjected to crime a...

Ransomware has been around for a few years, but it has become an albatross around everyone's neck, targeting big businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars. Last year, we saw some major ransomware outbreaks, including WannaCry  and  NotPetya , which wreaked havoc across the world, hitting hundreds of thousands of computers and business networks worldwide. From small to mid-range businesses, Microsoft Office 365 remains the most widely used and fastest-growing work office suite, so it's no surprise that it has become a primary target for viruses, ransomware, and phishing scams. In fact, most strains of ransomware target Microsoft productivity apps such as Word, Excel and encrypt sensitive data to hold the company hostage until the ransom is paid. Now, to combat such cyber attacks, Microsoft has announced some new security features for Office 365 that can help users mitigate the damage done by ransomware ...

Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it. Spring Framework is a popular, lightweight and an open source framework for developing Java-based enterprise applications. In an advisory released today by Pivotal, the company detailed following three vulnerabilities discovered in Spring Framework versions 5.0 to 5.0.4, 4.3 to 4.3.14, and older unsupported versions: Critical : Remote Code Execution with spring-messaging (CVE-2018-1270) High : Directory Traversal with Spring MVC on Windows (CVE-2018-1271) Low : Multipart Content Pollution with Spring Framework (CVE-2018-1272) Vulnerable Spring Framework versions expose STOMP clients over WebSocket endpoints with an in-memory STOMP broker through the 'spring-messaging' module, which could allow an attacker to send a mali...

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial brands, all claiming to back new ways to earn passive income. The goal? Build trust quickly and steer readers toward professional-looking scam platforms like Trap10, Solara Vynex, or Eclipse Earn. Scammers use sponsored ads on Google, Meta, and blog networks to push traffic to these sites. Ads often carry clickbait headlines—"You won't believe what a prominent public figure just revealed"—paired with official photos or national flags to make them feel legit. Clicking the ad directs users to a fake article, which then redirects them to a fraudulent trading platform. Many of these scams follow a...

One of the biggest and most popular multi-antivirus scanning engine service has today launched a new Android sandbox service, dubbed VirusTotal Droidy , to help security researchers detect malicious apps based on behavioral analysis. VirusTotal, owned by Google, is a free online service that allows anyone to upload files to check them for viruses against dozens of antivirus engines simultaneously. Android Sandbox performs both static and dynamic analysis to automatically detect suspicious applications by executing and monitoring applications in a simulated Android OS environment. Behavioral reports for Android applications (APKs) is not new to VirusTotal, as the website already had service since 2013 that worked based on Cuckoo Sandbox , an open source automated malware analysis system. Replacing this existing system, VirusTotal Droidy has been integrated in the context of the multi-sandbox project and can extract "juicy" details, such as: Network communicatio...

Facebook dropped another bombshell on its users by admitting that all of its 2.2 billion users should assume malicious third-party scrapers have compromised their public profile information. On Wednesday, Facebook CEO Mark Zuckerberg revealed that "malicious actors" took advantage of "Search" tools on its platform to discover the identities and collect information on most of its 2 billion users worldwide. The revelation once again underlines the failure of the social-media giant to protect users' privacy while generating billions of dollars in revenue from the same information. The revelation came weeks after the disclosure of the Cambridge Analytica scandal , wherein personal data of 77 million users was improperly gathered and misused by the political consultancy firm, who reportedly also helped Donald Trump win the US presidency in 2016. However, the latest scam revealed by the social media giant about the abuse of Facebook's search tools over the...

Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based buffer overflow vulnerability (CVE-2018-0171) resides due to improper validation of packet data in Smart Install Client, a plug-and-play configuration and image-management feature that helps administrators to deploy (client) network switches easily. Embedi has published technical details and Proof-of-Concept (PoC) code after Cisco today released patch updates to address this remote code execution vulnerability, which has been given a base Common Vulnerability Scoring System (CVSS) score of 9.8 (critical). Researchers found a total of 8.5 million devices with the vulnerable port open on the Internet, leaving approximately 250,000 unpatched devices open to hackers. To exploit this vu...