Search results for CN NEWS | Breaking Cybersecurity News | The Hacker News

Dehuajie.gov.cn Hacked by Anarchy Cr3w (Kurdish Hackers) ! Hacked Site :   https://www.dehuajie.gov.cn/ News Source : Anarchy Cr3w (Kurdish Hackers)

Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed  Operation Soft Cell  based on tooling overlaps. "The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy web shells used for command execution," researchers from SentinelOne and QGroup said in a  new technical report  shared with The Hacker News. "Once a foothold is established, the attackers conduct a variety of reconnaissance, credential theft, lateral movement, and data exfiltration activities." Operation Soft Cell, according to  Cybereason , refers to malicious activities undertaken by China-affiliated actors targeting telecommunications providers since at least 2012. The Soft Cell threat actor, also tracked by Microsoft as  Gallium , is known to target unpa...

16 Websites Hacked by Tejas (Indian Hacker) Hacked Sites : https://lumjsoft.com/tejas.html https://coachcall.com.cn/tejas. html https://shanzhaipc.org/tejas. html https://dataio.com/tejas.html https://gogou.org/tejas.html https://huhao.org/tejas.html https://zgxlzxw.com/tejas.html https://blsfw.com/tejas.html https://byerdental.com/tejas. html https://cibits.com/tejas.html https://315pu.com/tejas.html https://250360.com/tejas.html https://aspirantsouls.com/ tejas.html https://authorswritenow.com/ tejas.html https://bjname.com/tejas.html https://yjwz.cn/tejas.html News Source : Tejas (Indian Hacker) | Via Email

One million pages infected by Lilupophilupop SQL injection ISC (Internet Storm Center) reported that   lilupophilupop.com SQL injection attacks. There were about 80 pages infected according to Google searches few weeks back and now it raise to over 1 million . sites being injected with string : "></title><script src="https://lilupop******.com/**.php"></script>          Recommended Read :  The Hacker News Hacking Awards : Best of Year 2011            Infections are shows on .com, .de, & .uk as the most affected regions. ISC posted stats just to give you a rough idea of where the pages are: UK - 56,300 NL - 123,000 DE - 49,700 FR - 68,100 DK - 31,000 CN - 505 CA - 16,600 COM - 30,500 RU - 32,000 JP - 23,200 ORG - 2,690 If you want to find out if you have a problem just search for " <script src="https://lilupophi*****p.com/ " in google and use the site: parameter to hone in on yo...

GO SMS Pro, a popular messaging app for Android with over 100 million installs, has been found to have an unpatched security flaw that publicly exposes media transferred between users, including private voice messages, photos, and videos. "This means any sensitive media shared between users of this messenger app is at risk of being compromised by an unauthenticated attacker or curious user," Trustwave Senior Security Consultant Richard Tan said in a report shared with The Hacker News. According to Trustwave SpiderLabs, the shortcoming was spotted in version 7.91 of the app, which was released on the Google Play Store on February 18, 2020. The cybersecurity firm said it attempted to contact the app makers multiple times since August 18, 2020, without receiving a response. But checking the app's changelog, GO SMS Pro received an update (v7.92) on September 29, followed by another subsequent update, which was published yesterday. The latest updates to the app, however...

A software package available from the official NPM repository has been revealed to be actually a front for a tool that's designed to steal saved passwords from the Chrome web browser. The package in question, named " nodejs_net_server " and downloaded over 1,283 times since February 2019, was last updated seven months ago (version 1.1.2), with its corresponding repository leading to non-existent locations hosted on GitHub.  "It isn't malicious by itself, but it can be when put into the malicious use context," ReversingLabs researcher Karlo Zanki  said  in an analysis shared with The Hacker News. "For instance, this package uses it to perform malicious password stealing and credential exfiltration. Even though this off-the-shelf password recovery tool comes with a graphical user interface, malware authors like to use it as it can also be run from the command line." While the first version of the package was put out just to test the process of p...

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, also runs a hidden local web server on users' computers, just like Zoom for macOS. The controversial local web server that has been designed to offer an automatic click-to-join feature was found vulnerable to remote command injection attacks through 3rd-party websites. Security researcher Jonathan Leitschuh initially provided a proof-of-concept demonstrating how the vulnerable web server  could eventually allow attackers to turn on users laptop's webcam and microphone remotely. The flaw was later escalated to remote code execution attack by another security researcher, Karan Lyons , who has now published a new v...

Github – a popular coding website used by programmers to collaborate on software development – was hit by a large-scale distributed denial of service (DDoS) attack for more than 24 hours late Thursday night. It seems like when users from outside countries visit different websites on the Internet that serve advertisements and tracking code from Chinese Internet giant Baidu , the assailants on Chinese border quietly inject malicious JavaScript code into the pages of those websites. The code instructs browsers of visitors to those websites to rapidly connect to GitHub.com every two seconds in a way that visitors couldn't smell, creating "an extremely large amount of traffic," according to a researcher who goes by the name A nthr@x . "A certain device at the border of China's inner network and the Internet has hijacked the HTTP connections went into China, replaced some JavaScript files from Baidu with malicious ones," A nthr@x wrote at Insight La...

Update: Microsoft's search engine Bing has been restored in China after being inaccessible in the country for almost two days. According to sources familiar with the matter, Bing was blocked due to an accidental technical error and not due to an attempt at censorship. China has blocked Microsoft-owned search engine Bing , the company confirmed after receiving complaints from users throughout the country who took to social media beginning late Wednesday to express concerns. So, Bing becomes the latest service to be shut down by Chinese government behind its so-called Great Firewall of China , which blocks thousands of websites originating in the west including Facebook, WhatsApp , Twitter, Yahoo, and Google. The news came as a surprise because Microsoft's search engine actually followed China's strict rules on censoring search results. Online service WebSitePulse that tracks outages in China also confirmed that cn.bing.com—the web address for Bing in China since ...

A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet. The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of 9.8, have been collectively codenamed IngressNightmare by cloud security firm Wiz. It's worth noting that the shortcomings do not impact NGINX Ingress Controller , which is another ingress controller implementation for NGINX and NGINX Plus. "Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover," the company said in a report shared with The Hacker News. IngressNightmare, at its core, affects the admission controller component of the Ingress N...

Tianya,  China's biggest online forum 40 million users data leaked Tianya.cn , China's biggest online forum confirmed on Sunday that private information for 40 million users had been leaked, three days after the country's largest programmers' website CSDN reported a similar leak . Tianya is one of the most popular sites in China; it's the nexus of China's online communications, a collection of simple forums, blogs, and groups; due to uber-popularity Tianya is the best place in China's web to find public opinion on social issues, cultural experience, and original fresh content from millions of Chinese users. Based on netizen comments, the Tianya community meets the need for personal interaction, creation and expression. In a family oriented society, Tianya is China's dinner table, where news of the day is discussed in an open, personal fashion. The user account information of several other popular websites in China such as Dodonew.com, 7K7K, Duowan.com, and 178.com ...

The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice developers into downloading malevolent modules. Software supply chain security firm Phylum told The Hacker News the activity exhibits similar behaviors to that of a previous attack wave  uncovered in June , which has since been  linked to North Korean threat actors . As many as nine packages have been identified as uploaded to npm between August 9 and 12, 2023. This includes: ws-paso-jssdk, pingan-vue-floating, srm-front-util, cloud-room-video, progress-player, ynf-core-loader, ynf-core-renderer, ynf-dx-scripts, and ynf-dx-webpack-plugins. "Due to the sophisticated nature of the attack and the small number of affected packages, we suspect this is another highly targeted attack, likely with a social engineering aspect involved in order to get targets to install these packages," the company  said . The attack chain commences with the package.json file ...

3 websites hacked By Rao Assasin Hacker ! Hacked sites :  https://www.zooguiden.com/index.html https://www.ridleder.com/index.html https://www.bcwater.gov.cn/index.html News Source : Rao Assasin Hacker

China Government Site Hacked By Team Grey Hat ! Hacked Site :  www.jssjj.gov.cn News Source : Napster 

3 websites hacked by Indian Girl Hacker - TriNitY ! Till now we was just listen about that, some Hackers (boys) do hacks and sites defacements, But wait ! Here we have an Indian Girl with codename " TriNitY " .TriNitY is I think 1st Indian hacker who is in news for defacing some websites. The list of websites hacked by her : https://demo-l.jahoma.de/administrator/images/index.html https://www.upes.edu.vn/trinity.htm https://www.xzdm.gov.cn/trinity.htm  Sites may get recover, You can check deface page mirror at : https://mirror.sec-t.net/defacements/?id=28312   https://mirror.sec-t.net/defacements/?id=27353

China has something very impressive that we are not aware of. The country has a powerful and previously unknown weapon that its government is using to bolster their cyber attack capabilities: Dubbed " The Great Cannon. " INTERNET CENSORSHIP IN CHINA When I talk about Internet censorship, it is incomplete if I don't mention China. China is famous for its Great Wall of China and Great Firewall of China . The censoring of Internet access and blocking an individual website in China by its government, known as the Great Firewall of China. But, why the Chinese government does that? The answer is very simple: The Chinese government restricts those contents it deems sensitive for its country's so-called democracy. It illegalize certain online speech and activities, block selected websites, and filter keywords out of searches initiated from computers located in Mainland China. The worse: Those Chinese citizens who offend authorities against Int...

Wufeng County Procuratorat ( China Government ) website Hacked ! Hacked site :  https://www.wufeng.jcy.gov.cn/ News Source : Kai Farmer

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to a new report by French cybersecurity company Sekoia. "The Quad7 botnet operators appear to be evolving their toolset, introducing a new backdoor and exploring new protocols, with the aim of enhancing stealth and evading the tracking capabilities of their operational relay boxes (ORBs)," researchers Felix Aimé, Pierre-Antoine D., and Charles M. said .  Quad7, also called 7777, was first publicly documented by independent researcher Gi7w0rm in October 2023, highlighting the activity cluster's pattern of ensnaring TP-Link routers and Dahua digital video recorders (DVRs) into a botnet. The botnet, which gets its name from the fact it opens TCP port 7777 on compromised devices, ...

A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver flaw that allows attackers to achieve remote code execution (RCE) by uploading web shells through a susceptible "/developmentserver/metadatauploader" endpoint. The vulnerability was first flagged by ReliaQuest late last month when it found the shortcoming being abused in real-world attacks by unknown threat actors to drop web shells and the Brute Ratel C4 post-exploitation framework. According to Onapsis, hundreds of SAP systems globally have fallen victim to attacks spanning industries and geographies, including energy and utilities, manufacturing, media and entertainment, oil an...