Search results for JAVA | Breaking Cybersecurity News | The Hacker News

Open Source is the Future of the computer science world! On Wednesday, the popular coding website GitHub shared a graph that gives a closer look at the popularity of different programming languages used on its code sharing website that lets anyone edit, store, and collaborate on software code. Since its launch in 2008, GitHub saw various programming languages picking up momentum, as shown in the graph below. An insight into what GitHub is… GitHub is a web-based repository that operates on the functionality of a 'Git,' which is strictly a command-line tool. With 10 Million users as of today, the platform has become the primary source of housing open source software that is free of cost available to the world at large. A look at the picture of programming trends on GitHub over recent years is actually a look at how the computer world is evolving. Top 10 Programming Languages Here are the Top 10 Programming Languages on GitHub today: JavaS...

Security researchers have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine (GAE) that enables attackers to bypass critical security sandbox defenses. Google App Engine is Google's PaaS (Platform as a Service) Cloud computing Platform for developing and hosting web applications in Google-managed data centers. GAE offers to run custom-built programs using a wide variety of popular languages and frameworks, out of which many are built on the Java environment. The vulnerabilities was reported by Security Explorations, the same security research company that carried out multiple researches related to Java in past. The discovery was announced on the Full Disclosure security mailing list by Adam Gowdiak , founder and CEO of Security Explorations. According to the security firm, the flaws can be exploited by attackers to achieve a complete Java VM security sandbox escape, as well as to execute an arbitrary code. The researchers ...

Threat actors are weaponizing exposed Java Debug Wire Protocol ( JDWP ) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. "The attacker used a modified version of XMRig with a hard-"coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders," Wiz researchers Yaara Shriki and Gili Tikochinski said in a report published this week. "The payload used mining pool proxies to hide their cryptocurrency wallet address, thereby preventing investigators from pivoting on it." The cloud security firm, which is being acquired by Google Cloud, said it observed the activity against its honeypot servers running TeamCity, a popular continuous integration and continuous delivery (CI/CD) tool. JDWP is a communication protocol used in Java for debugging purposes. With JDWP, users can leverage a debugger to work in a different process, a Java application, on the same com...

Oracle released an emergency patch on Thursday for previously unknown Java vulnerabilities that cybercriminals had targeted with popular exploit kits within hours after the bugs' existence became public, security researchers found yet another vulnerability that can be exploited to run arbitrary code on systems that have the runtime installed. Security researchers from Poland-based security firm Security Explorations claim to have discovered a vulnerability in the Java 7 security update released Thursday that can be exploited to escape the Java sandbox and execute arbitrary code on the underlying system. While so far the vulnerability has only been found being used against Windows, other platforms such as the Mac OS could potentially be targeted through the same exploit. Security Explorations sent a report about the vulnerability to Oracle on Friday together with a proof-of-concept exploit, Adam Gowdiak, the security company's founder and CEO said Friday via email. The compa...

Imagine someone getting access to your computer, encrypting all your family photos and other priceless files, and then demanding a ransom for their safe return. That is what ransomware is all about. Symantec's latest research report suggests police-themed ransomware could be a replacement to the once-lucrative fake antivirus scareware trade. According to  report , Ransomware distributors are raking in around $5 million dollars a year and the spoils are being spread among just 16 crime groups. Symantec's estimates suggest a significant but not yet thriving crime business, which delivers each operation, on average, $300,000 a year. Reticently identified Oracle Java SE Remote Java Run time Environment vulnerability (  CVE-2012-5076 ) leads to  Geo located   Ransomware Malware . Java vulnerability actually can allows attacker to unauthorized disclosure of information, unauthorized modification and disruption of service. This R...

Netflix, the world's largest Internet Video Subscription service with more than 35.7 million customers in U.S alone, that runs on the Microsoft Silverlight platform, has now become a popular target for cybercriminals, as public awareness of Java and Flash flaws is increasing. Silverlight is a Microsoft's plug-in for streaming media on browsers, similar to Adobe Flash Player , that handles multimedia contents on Microsoft Windows and Mac OS X Web Browsers, and is popularly known for being used in Netflix's streaming video service. But, Netflix isn't the only service that works on Silverlight, many other multimedia services supports Silverlight. Malware and Exploit Kit developers are targeting Silverlight users as they aren't aware of the increasing proliferation of malware for the platform. Silverlight vulnerabilities are mostly exploited using drive-by download attacks to compromise victim's computers with malware, especially through malicious ads. A recent...

Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads. Tracked as  CVE-2021-22573 , the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature. Credited with discovering and reporting the flaw on March 12 is  Tamjid Al Rahat , a fourth-year Ph.D. student of Computer Science at the University of Virginia, who has been awarded $5,000 as part of Google's bug bounty program. "The vulnerability is that the IDToken verifier does not verify if the token is properly signed," an  advisory  for the flaw reads. "Signature verification makes sure that the token's payload comes from a valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation on ...

Almost two years back, Apple introduced Swift programming language at its World Wide Developers Conference (WWDC) to the developers who build software applications for Apple devices. Swift was designed to make it easier for developers to create apps for Apple's mobile platform. Usually developers write complete app code and then compile it to see output, but Swift helps them see results in real time instantly while writing code. Now, reports have been emerged that the search engine giant is also considering making Swift programming language a "first class" language choice for programmers making apps for its Android platform. In between an ongoing legal battle with Oracle over Android, Google is planning to bring Swift into the Android platform with at least two major third-party developers — Facebook and Uber, reports The Next Web. Around the time when Apple officially made Swift an open source language, executives from Google, Facebook and Uber attended a m...

The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain conditions. The vulnerability, tracked as CVE-2024-56337 , has been described as an incomplete mitigation for CVE-2024-50379 (CVSS score: 9.8), another critical security flaw in the same product that was previously addressed on December 17, 2024. "Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat," the project maintainers said in an advisory last week. Both the flaws are Time-of-check Time-of-use ( TOCTOU ) race condition vulnerabilities that could result in code execution on case-insensitive file systems when the default servlet is...

During the first day of Pwn2Own competition at the CanSecWest conference in Vancouver , latest versions of all major browsers were exploited by hackers.  Chrome, Firefox and Internet Explorer 10 on Windows 8 were successfully pwned by various competitors, bringing them tens of thousands of dollars in prizes.  French vulnerability research and bug selling firm ' Vupen ' brought down IE10 running on a Windows 8 powered Surface Pro tablet by exploiting a pair of flaws. Researchers Jon Butler and Nils from MWR Labs managed to exploit Google Chrome on Windows 7 and also used a kernel bug to bypass the sandbox. " By visiting a malicious webpage, it was possible to exploit a vulnerability which allowed us to gain code execution in the context of the sandboxed renderer process. We also used a kernel vulnerability in the underlying operating system in order to gain elevated privileges and to execute arbitrary commands outside of the sandbox with s...

The "hotpatch" released by Amazon Web Services (AWS) in response to the  Log4Shell  vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. "Aside from containers, unprivileged processes can also exploit the patch to escalate privileges and gain root code execution," Palo Alto Networks Unit 42 researcher Yuval Avrahami  said  in a report published this week. The issues —  CVE-2021-3100 ,  CVE-2021-3101 ,  CVE-2022-0070 , and  CVE-2022-0071  (CVSS scores: 8.8) — affect the  hotfix solutions  shipped by AWS, and stem from the fact that they are designed to search for Java processes and patch them against the Log4j flaw on the fly but without ensuring that the new Java processes are run within the restrictions imposed on the container. "Any process running a binary named 'java' – inside or outside of a container – is considered a candidate for...

A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network . "The campaigns resulted in a multi-stage attack chain targeting Minecraft users specifically," Check Point researchers Jaromír Hořejší and Antonis Terefos said in a report shared with The Hacker News. "The malware was impersonating Oringo and Taunahi, which are 'Scripts and macros tools' (aka cheats). Both the first and second stages are developed in Java and can only be executed if the Minecraft runtime is installed on the host machine." The end goal of the attack is to trick players into downloading a Minecraft mod from GitHub and deliver a .NET information stealer with comprehensive data theft capabilities. The campaign was first detected by the cybersecurity company in March 2025. What makes the activity notable is its use of an illicit offering called the Stargazers Ghost...

Struggling to learn how to code? If you're looking to 'learn how to code' and seeking a career as an expert-level programmer, you should know how to play with codes and make your own. It's no secret that mastering a coding language or two can put you at the top of the job market – thanks to the boom in technology. Today, you can elevate your programming skills straight from the Internet to become an actual coder, but getting into a heavy subject like coding involves a lot of time and money. 'Learn to Code' 2017 Bundle: Get 10 Courses in 1 Pack Fortunately for you, this week's THN Deal Store brings the Ultimate Learn to Code 2017 Bundle that gives you access to 10 online training courses in 1 single account at just $49, instead of $1,186. This 95% discount is valid for next few days. The Ultimate Learn to Code 2017 Bundle, comes with lifetime access, offers you professional training courses on Python, Ruby, Java, iOS, HTML, CSS, AngularJS and other programmin...

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January 2025 . "The research discovered that SAP GUI input history is stored insecurely, both in the Java and Windows versions," Pathlock researcher Jonathan Stross said in a report shared with The Hacker News. SAP GUI user history allows users to access previously entered values in input fields with the goal of saving time and reducing errors. This historical information is stored locally on devices. This can include usernames, national IDs, social security numbers (SSNs), bank account numbers, and internal SAP table names. The vulnerabilities identified by Pathlock are rooted in th...

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. Tracked as  CVE-2022-4116  (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges. "The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by localhost attacks that could lead to remote-code execution (RCE)," Contrast Security researcher Joseph Beeton, who reported the bug,  said  in a write-up. Quarkus, developed by Red Hat, is an  open source project  that's used for creating Java applications in  containerized  and serverless environments. It's worth pointing out that the  issue  only impacts developers who are running Quarkus and are tricked into visiting a specially crafted website, which is embedded with malicious JavaScript code designed to install or execute arbitrary payload...

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher  briefly leaked  a  proof-of-concept  (PoC)  exploit  on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit ( JDK ) versions 9 and later and is a bypass for another vulnerability tracked as  CVE-2010-1622 , enabling an unauthenticated attacker to execute arbitrary code on the target system. Spring is a  software framework  for building Java applications, including web apps on top of the Java EE (Enterprise Edition) platform. "In certain configurations, exploitation of this issue is straightforward, as it only requires an attacker to send a crafted HTTP request to a vulnerable system," researchers Anthony Weems and Dallas Kaman  said . "However, exploitation of different configurations will require the at...

The Apache Tomcat team has recently patched several security vulnerabilities in Apache Tomcat, one of which could allow an unauthorised attacker to execute malicious code on affected servers remotely. Apache Tomcat, developed by the Apache Software Foundation (ASF), is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language, and WebSocket, and provides a "pure Java" HTTP web server environment for Java concept to run in. Unlike Apache Struts2 vulnerabilities , which have recently been exploited to breach the systems of American credit reporting agency Equifax , Apache Tomcat flaws are less likely to be exploited. The critical Remote Code Execution (RCE) vulnerability (CVE-2017-12617) discovered in Apache Tomcat is due to insufficient validation of user-supplied input by the affected software. Only systems with HTTP PUTs enabled (via setting the "read-only" initi...

FireEye's Malware Intelligence Lab is making the claim that there is a new zero day vulnerability in the wild that affects the latest version of Java.Researcher. Atif Mushtaq wrote on the company's blog that he spotted the initial exploit on a domain that pointed to an IP address in China. The vulnerability allows computers to be infected by simply visiting a specially crafted web page, and the malware served in the current attacks contacts a C&C server in Singapore. Researchers from heise Security have also created a PoC page using information that is publicly available. A separate post published on Monday by researchers Andre M. DiMino and Mila Parkour said the number of attacks, which appear to install the Poison Ivy Remote Access Trojan, were low. But they went on to note that the typical delay in issuing Java patches, combined with the circulation of exploit code, meant it was only a matter of time until the vulnerability is exploited more widely by other attackers. ...