Search results for hacker ali | Breaking Cybersecurity News | The Hacker News

Two college students from Kohat, missing since October, have been formally charged by the Federal Investigation Agency (FIA) for allegedly sharing information about the Chief Justice of the Supreme Court of Pakistan with an Indian hacker, officials and parents have reported. The FIA's Cyber Crime Wing registered a case against Saim Ali Shah, son of Zulfiqar Ali Shah, and Salal Ali Shah, son of Sajid Ali Shah. The charges were filed in the Rawalpindi circle under Sections 419, 420, 468, and 41 of the Pakistan Penal Code and the Anti-Terrorism Ordinance (ATO) related to cyber crimes. On October 13, 2010, a special unit of FIA, Rawalpindi, raided a house in Garhi Banoorian. They took both cousins, along with their computers and CDs, without informing the local police or their parents. Zulfiqar Ali Shah, speaking to this scribe, explained that his son and nephew had developed an online friendship with an Indian national in August. This individual claimed to have hacked the official ...

The United States has freed 4 Iranian nationals ( including one Hacker ) and reduced the sentences of 3 others in exchange for the release of 5 Americans formerly held by Iran as part of a prisoner swap or Prisoner Exchange Program. The Iranian citizens released from the United States custody through a side deal to the Iran nuclear agreement. Iran released five Americans, including: Washington Post reporter Jason Rezaian Former U.S. Marine Amir Hekmati Student Matthew Trevithick Christian pastor Saeed Abedini Pastor Nosratollah Khosravi-Roodsari The United States pardoned seven Iranian nationals, including: Nader Modanlou Bahram Mechanic Khosrow Afqahi Arash Ghahreman Touraj Faridi Nima Golestaneh (Hacker) Ali Sabounchi "These individuals weren't charged with terrorism or any violent offenses. They are civilians, and their release is a one-time gesture to Iran given the unique opportunity offered by this moment and the larger circumstance...

It's not been more than 36 hours since eBay revealed it was hacked and we just come to know about three more critical vulnerabilities in eBay website that could allow an attacker to compromise users' account once again, even if you have already reset your account password after the last announcement. Yesterday eBay admitted to the massive data breach that affected 145 million registered users worldwide after its database was compromised. eBay urged its 145 million users to change their passwords after the cyber attack, but are passwords enough? eBay Data breach happened mainly because of their vulnerable infrastructure, not weak passwords. I think eBay's morning just going to be bad to worse as today, three Security researchers came forward with three more different types of critical flaws in eBay website that leave its 145 million users vulnerable to hackers. HACKER UPLOADED SHELL ON eBAY SERVER (UNPATCHED) A critical security flaw in the eBay website for i...

On Tuesday, Indian and Pakistani army forces continued to exchange fire along the Line of Control (LoC) in Jammu and Kashmir, which was started when Pakistan’s military fired machine guns and mortars at about 60 Indian army posts during last week. Tensions between the two countries have intensified since Bilawal Bhutto Zardari, the only son of former Pakistani President Asif Ali Zardari and former Prime Minister Benazir Bhutto, made a statement that his Pakistan People's Party (PPP) would take back entire Kashmir from India. However, the Indian political party described his statement as " childish " and " irresponsible ." Different reactions came from different people out there from India for the chairman of Pakistan People’s Party and Central Executive Committee Bilawal Bhutto, but Hackers have their own way of expressing their part. Here Bilawal Bhutto said that he would not leave an inch of Kashmir with India, and there an Indian Hacker defac...

The United States Department of Justice has announced criminal charges and sanctions against 9 Iranians involved in hacking universities, tech companies, and government organisations worldwide to steal scientific research resources and academic papers. According to the FBI officials, the individuals are connected to the Mabna Institute , an Iran-based company created in 2013 whose members were allegedly hired by the Iranian government for gathering intelligence. Though the content of the papers is not yet known, investigators believe it might have helped Iranian scientists to develop nuclear weapons. In past four years, the state-sponsored hacking group has allegedly infiltrated more than 320 universities in 22 countries—144 of which were in the United States—and stolen over 30 terabytes of academic data and intellectual property. The group used spear-phishing attacks to target more than 100,000 e-mail accounts and computer systems of the professors around the world, and suc...

Jessica Alba, Scarlett Johansson, Christina Aguilera Reportedly Hit; Some Had Nude Photos FBI agents are reportedly closing in on a ring of hackers thought to be responsible for stealing nude photos and videos from at least 50 female celebrities. According to TMZ.com, the ring broke into the accounts of stars' cell phones and other computerized devices to obtain the compromising photos and videos. Among the celebrities reportedly hacked: Jessica Alba, Selena Gomez, Demi Lovato, Christina Aguilera, Vanessa Hudgens, Scarlett Johansson, Ali Larter, and Miley Cyrus. TMZ reported that Hudgens met with FBI agents on Thursday to discuss the hacking of her Gmail account. The FBI declined ABCNews.com's requests for comment; representatives for Hudgens did not immediately respond. One report suggested that Alexa Nikolas, an actress on the now-canceled Nickelodeon TV series "Zoey 101," is responsible for leaking one of the personal photos, a shot of her kissing Hudgens. ...

Four month ago, a massive data breach on the eBay website affected 145 million registered users worldwide after its database was compromised. Meanwhile, another critical vulnerability on the eBay website was reported, allowing an attacker to hijack millions of user accounts in bulk. An Egyptian security researcher ‘ Yasser H. Ali ’ informed The Hacker News about this vulnerability 4 months ago, which could be used by the cyber criminals in the targeted attacks. At that time, Mr.Yasser secretly demonstrated the vulnerability step-by-step to ‘ The Hacker News ’ team and we confirmed - IT WORKS . Since it was not addressed by the eBay security team, we kept the technical details of this vulnerability hidden from our readers. But, as we promised to share the technical details of this interesting flaw, once after eBay team patch it. So, Here we go! The vulnerability Yasser found could allow you to Reset Password of any eBay user account and that too without any user interaction or d...

Hacktivists are militant hackers attacking sites in Egypt, Morocco, Spain, and Israel. Their screen messages resemble banners used in protests, supporting various political, social, or religious ideologies. Active in Morocco, they often hack sensitive security systems. Behind their computer screens, these hackers meticulously encode and decode IT security systems, seeking the slightest vulnerability to launch attacks. Known as hackers in Morocco, they relentlessly penetrate local and foreign sites. Egypt, Kuwait, and Israel have all fallen victim to their actions. Rise of Hacktivism These hackers are not casual credit card thieves but belong to a new category of activists known as "hacktivists." The Internet fuels this underground movement, but their ideological beliefs keep it alive. "It is the oldest form of hacking. Many developing countries resort to this mode of protest," says Ali El Azzouzi, a Moroccan IT security expert. Recently, Morocco, like many other ...

In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real security. For anyone responsible for protecting systems, the key isn’t just reacting to alerts—it’s recognizing the larger patterns and hidden weak spots they reveal. Here’s a breakdown of what’s unfolding across the cybersecurity world this week. ⚡ Threat of the Week NCA Arrests for Alleged Scattered Spider Members — The U.K. National Crime Agency (NCA) announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West...

The Federal Bureau of Investigation (FBI) is reportedly investigating a hacker ring that is targeting phones and computers of celebrities and stealing nude photos and other personal items. The probe stems from nude photos of Vanessa Hudgens that were recently leaked online, reports the New York Daily News.  According to TMZ.com, the federal investigators met Hudgens Wednesday to discuss her latest nude photo scandal and believe she might be the latest victim of a notorious hacker crew that has targeted scores of celebrities, including Scarlett Johansson, Ali Larter, Busy Philipps and Miley Cyrus. A source told the website that one ringleader had fingerprints on every job and the primary motivation appeared to be the thrill and challenge - not money. The new round of Hudgens' photos surfaced on the Internet Monday after similar full-frontal nudes appeared online in 2007 and 2009. Hudgens, 22, is seen kissing 'Zoey 101' actress Alexa Nikolas in one of the new photos. ...

If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how attacks happen now—quiet, convincing, and fast. Defenders aren’t just chasing hackers anymore—they’re struggling to trust what their systems are telling them. The problem isn’t too few alerts. It’s too many, with no clear meaning. One thing is clear: if your defense still waits for obvious signs, you’re not protecting anything. You’re just watching it happen. This recap highlights the moments that mattered—and why they’re worth your attention. ⚡ Threat of the Week APT41 Exploits Google Calendar for Command-and-Control — The Chinese state-sponsored threat actor known as APT41 deployed a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). Google said it observed the spear-phishing attacks in October 2024 and that the malware was hosted on...

Two former employees of Twitter have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government, likely with the purpose of unmasking the identity of dissidents. According to an indictment filed on November 5 and unsealed just yesterday, one of the charged Twitter employees, American citizen Ahmad Abouammo , left the company in May 2015 and the other, Saudi citizen Ali Alzabarah , left the company in December 2015. Both ex-employees were recruited in 2014 by Saudi government officials with close ties to the Saudi crown prince, Mohammed bin Salman, to access sensitive and non-public information of Twitter accounts associated with known Saudi critics. The information Abouammo and Alzabarah illegally accessed about Twitter users include their email addresses, devices used, browser information, user-provided biographical information, birthdates, and other info that can be used to know a user's location, like IP addresses associate...

The eBay owned popular digital payment and money transfer service, PayPal has been found to be vulnerable to a critical web application vulnerability that could allow an attacker to take control over users' PayPal account with just a click , affecting more than 156 millions PayPal users. An Egyptian security researcher, Yasser H. Ali has discovered  three critical vulnerabilities in PayPal website including CSRF , Auth token bypass and Resetting the security question, which could be used by cybercriminals in the targeted attacks. Cross-Site Request Forgery ( CSRF or XSRF) is a method of attacking a website in which an attacker need to convince the victim to click on a specially crafted HTML exploit page that will make a request to the vulnerable website on their behalf. Mr.Yasser demonstrated the vulnerability step-by-step in the Proof-of-Concept (PoC) video using a single exploit that combines all the three vulnerabilities. According to the demo, using ...

An Independent Security Researcher from Egypt has discovered a critical vulnerability in Uber app that could allow an attacker to brute force Uber promo code value and get valid codes with the high amount of up to $25,000 for more than one free rides. Mohamed M.Fouad has discovered a " promo codes brute-force attack " vulnerability in the sign-up invitation link for Uber that allows any user to invite another user to join the service and get one or more than one free rides based on the promotion code value. Fouad realized that the Uber app did not have any kind of protection against brute-force attacks, allowing him to generate promo codes ( that start with 'uber+code_name' ) until he found valid ones. The brute force attempt helped Fouad find several numbers of valid promo codes with high value in US dollar between $5,000 to $25,000, which would have helped him get a number of free rides between one to three. Fouad has also provided a video demonstration...

The emergence of cyber-crime, which transcends man-made boundaries, has underscored the urgent need for global cooperation among law enforcement agencies to prevent and solve these crimes, according to a senior Dubai Police official. At the Third International Conference on Interpol for the Middle East and North Africa, Major General Khamis Mattar Al Mazeina, Dubai Police Deputy Commander-in-Chief, highlighted the importance of international cooperation. He cited an example where such cooperation enabled Dubai to arrest a child molester accused of crimes in a European country while the perpetrator was in the UAE. Dubai Police have made significant progress in combating cyber-crime, particularly after establishing a dedicated department to address high-tech crimes emerging alongside rapid technological growth. Speaking at the conference held at the Dubai Police Academy, Al Mazeina emphasized Interpol's interest in leveraging global police resources, given the far-reaching impact o...

An official with Iran’s Revolutionary Guard has said that Iran welcomes hackers who are willing to work for the Islamic Republic.  “Regarding the cyber issue, we welcome the presence of those hackers who are willing to work for the goals of the Islamic Republic with good will and revolutionary activities,” said Brigadier General Gholamreza Jalali, adding that those hackers who he said are working against people will be dealt with. Jalali, who heads the country’s Passive Defense Organization, made the comments in an  interview with “Bultannews,”  a website said to be close to the Intelligence Ministry. Was Jalali trying to recruit new staff for the “Iranian Cyber Army” or for Iran’s newly launched cyber police? Or for a new entity called the “Cyber War Base “? Jalali said the "base" will be launched in the near future and will fight against cyber attacks. The  Iranian Cyber Army  has been responsible for hacking and bringing down a number of websites in ...

Software hacker group "Anonymous" launched attacks Sunday against the Italian government's website citing political grievances, ANSA news agency reported. "Anonymous" announced its distributed denial-of-service (DDoS) assaults earlier in the day, saying they were launched because "the political and economic situation in Italy has become unstable." The website (www.governo.it) did not immediately appear to be blocked. DDoS attacks are efforts to overload websites with so many simultaneous requests that computer servers can't handle the load and freeze or crash. Police had alerted the site and its manager of the potential attack ahead of time, allowing them to put counter measures in place. A loose-knit group of online global hackers, "Anonymous" previously attacked government websites in Egypt and Tunisia, both roiled by anti-government protests, among other sites. Last Thursday, it apparently zeroed in on Yemen, where the website o...

As you may be aware, you need an Android smartphone to use an Android Wear smartwatch , but if you carry an Apple iPhone or iPad, you’ll soon be able to use the same Android Wear smartwatch, without relying on unofficial third-party app support. Google is reportedly going to release its a new iOS app over to the App Store that will allow iPhone and iPad users to pair Android Wear devices such as Moto 360 and LG G Watch with their Apple products, French outlet 01net claimed . OFFICIAL ANDROID WEAR APP FOR iOS Google’s new move to go cross-platform with an iOS app would expand support for the wearable platform beyond Android devices and target the potential market of tens of Millions of Apple users that may not be interested in purchasing an Apple Watch. As well as, with lower prices and strong design, a fair amount of Android Wear smartwatch demand would likely be there. The search engine giant is possibly planning to launch the Android Wear app for iOS at Google’s annual develop...

An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker  NEPTUNIUM , which is an Iran-based company known as Emennet Pasargad. In January 2022, the U.S. Federal Bureau of Investigation (FBI)  tied  the state-backed cyber unit to a sophisticated influence campaign carried out to  interfere  with the 2020 presidential elections. Two Iranian nationals have been indicted for their role in the disinformation and threat campaign. Microsoft's disclosure comes after a "hacktivist" group named Holy Souls (now identified as NEPTUNIUM) claimed to be in possession of the personal information of more than 200,000 Charlie Hebdo customers, including their full names, telephone numbers, and home and email addresses. The breach, which allow...

Pakistan president 's website hacking case adjourned ! A court here has adjourned the case of a man who hacked into the Pakistan president's website and uploaded material defaming Asif Ali Zardari. Additional Sessions Judge Tanveer Meer Wednesday adjourned the cyber crime case, reported the Daily Times. According to Federal Investigation Agency (FIA) enquiry, the hacker, Shahbaz Khan, had the username ADIL/Th3-penetrator and defaced the website www.president-of-pakistan.com and uploaded material defaming Zardari and the country. Khan was arrested and he told investigators that the president's website was hacked by some international hackers. He claimed he had added the following lines: " THIS SITE GOT HACKED BY ADIL WHERE IS YOUR SECURITY? HUH DON'T TELL ME TO STOP!" THANKS 2= FBI, MASTERMIND, SALMAN, EJA2SALAM PK, CODE5, SHER, SAIF "