The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Richard Kirk Kirk hacked into more than 300 eBay users' e-mail accounts after cracking their passwords. He then was able to steal money from his victims' usually secure PayPal accounts. He transferred money from PayPal into hundreds of his own accounts, and then used the stolen cash to buy valuable items, including gold bars. On Friday he was jailed for three and a half years for fraud and theft committed between 2008 and 2010. Nottingham Crown Court heard he stole more than £180,000 from his victims to buy gold jewellery, gold bullion bars and a Mitsubishi Shogun car on eBay. Victims were mainly individual account holders from Mansfield, Nottingham, Australia and Sweden. One account belonged to a special school in the North West for children with a short life expectancy. Kirk used the school's website, which sold memorabilia, to sell gold bars. After he agreed a sale of £3,000, the gold was never sent to the buyer. "Richard Kirk is a professional eBa...

Anonymous Apologize for their Kindness & Effort,   Anonymous Press Release 20 Feb,2011 (Must Read) ! NOTE :  One More Press Released By Anonymous Hackers on there official site/Facebook/Twitter. We are Publishing This news, just as the Media of "Hacking Field" . These is No relation b/w 'The Hacker News' & 'Anonymous Hackers'. The Complete Message Written by them is as given Following : Ladies and gentlemen around the world, We are writing to you today to inform you of a great realization that has come to fruition throughout the ranks of Anonymous. It is a sad revelation indeed that Anonymous, as a whole, has turned into nothing more than trolls trolling on trolls. It is due to that fact, and the recent outburst and outcry on the Westboro Baptist Church that select members within the group are apologizing for our brethren’s outbursts. We realize that many in the media and across the globe have followed our group, our legion of comrades in hopes tha...

Devil Shell v1.1 [new Release] Download ! Nice to share next version of shell with all of you with new features * DDoS * Information area [server ip,server port,etc] * Design new * Download any File * Remove some Bugs Comming Soon in Next Version * Mail Bomb * SQL Query You can Download at :Download Devil Shell v1.1 *Note: Only for testing purpose awl are work properly but still will do more updates sooner but enjoy this version secure fast and reliable only for hacknuts members Shell Username: ugdevil Shell Password: 1234567  download link  https://www.filefactory.com/file/b581cff/n/ugdevil.rar Archie Password is : hacknuts News Source :  UNDERGROUND DEVIL

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...

Phone tapping in India has become a national concern with a leading operator revealing that at peak there are upto 100 phone tapping requests a day. In India there are ten major operators, at a conservative average of 50 taps a day per operator, there would be 182,000 authorized phone taps each year.  Not a significant number for a country of 500 million cell phones considering the real need to tap corrupt officials, drug dealers, suspected terrorists, mafia and other antisocial elements. To meet this requirement over 2000 such phone tapping equipment was imported by private security agencies, large businesses besides police and government agencies. Since phone taps are authorized only by the government, it is quite probable that some of the equipment in private hands is being used illegally for spying on politicians and businessmen.  There are six ways in which modern phone systems can be illegally tapped for corporate espionage and spying: 1)   Use of Over the Air t...

A group of hacktivists acting under the banner, " Anonymous ," has warned a church with a controversial history that unspoken retribution will follow it continues its practice of inflammatory protests. In an open letter to the Westboro Baptist Church, Anonymous has put the anti-gay, fundamentalist church on notice that "the damage incurred will be irreversible," and that "neither your institution nor your congregation will ever be able to fully recover." The Westboro Baptist Church is led by Rev. Fred Phelps. It has drawn particular attention for carrying out anti-gay protests at funerals of military servicemen with signs celebrating the deaths of the soldiers with signs like " God Hates the USA " or " Thank God for 9/11. " The group operates a  website  with the URL godhatesfags.com. In its letter, Anonymous wrote the following: Open Letter to Westboro Baptist Church AN OPEN LETTER FROM ANONYMOUS February 16, 2011 TO THE CONGREGAN...

Following in the steps of the HTC Evo before it, the Motorola Atrix 4G has been hacked to give root privileges before the phone is even available to buy. In more evidence that Android hackers are frequently out-pacing the creators of the phones themselves, the third post in the xda-developers thread where the root was announced was a half-sarcastic "why did it take so long?" Right now, this is more of an academic achievement than a practical one for two reasons. First, the actual steps to obtain root privileges haven't even been released to the public. Second, there is still a good chance that one of the main draws of rooted phones, custom ROMs, will be difficult to install thanks to an encrypted and locked bootloader. While rooting your phone is highly discouraged (as it's likely to cause an increased security risk, break all kinds of terms of service and make your carrier very unhappy) the speed of this announcement is nothing short of astounding. If the amount o...

A security researcher has released proof-of-concept code for an unpatched security vulnerability affecting all versions of Windows, prompting a warning from Microsoft that remote code execution attacks are theoretically possible. Details on the vulnerability were released on the Full Disclosure mailing list earlier this week and Microsoft followed up with two separate blog posts discussing the ramifications of the problem and suggesting workarounds until a patch can be created and released. According to Microsoft's Mark Wodrich, the vulnerability was identified in the BROWSER protocol and although all versions of Windows are vulnerable, the issue is more likely to affect server systems running as the Primary Domain Controller (PDC). "In environments following best practices, the BROWSER protocol should be blocked at the edge firewalls thus limiting attacks to the local network," Wodrich said. Wodrich provided technical confirmation of the buffer overrun vulnerability and expla...

An 'ethical' hacker demonstrates how one can break into the civic corporation's e-governance site and I P Gautam's official domain to access confidential info. The state government's websites are under threat of being hacked. A BCA student, who calls himself an 'ethical' hacker, demonstrated how it was possible to hack into the e-governance site of the Ahmedabad Municipal Corporation and civic chief I P Gautam's official domain.  Falgun Rathod showed on his home PC how these websites are vulnerable to misuse, poking the bubble of the state government that prides itself in winning three National e-Governance Awards recently.  Rathod also demonstrated how one can access the balance sheet of all nagarpalikas in the state that use the double entry accounting system. He pointed out that one can easily update any file on the website or change the face of the websites by using defacer websites.  While checking the AMC website, the 20-year-old student came across the 'Administ...