Search results for hacker click | Breaking Cybersecurity News | The Hacker News

Your Mac computer running the Apple's latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that could allow a malicious application installed in the targeted system to virtually "click" objects without any user interaction or consent. To know, how dangerous it can go, Wardle explains : "Via a single click, countless security mechanisms may be completely bypassed. Run untrusted app? Click...allowed. Authorize keychain access? Click...allowed. Load 3rd-party kernel extension? Click...allowed. Authorize outgoing network connection? click ...allowed." Wardle described his research into "synthetic" interactions with a user interface (UI) as "The Mouse is Mightier than the Sword," ...

Likes.com, one of the emerging social networking site and popular image browsing platform, is found vulnerable to several critical vulnerabilities that could allow an attacker to completely delete users' account in just one click. Likes.com is a social networking website that helps you to connect with people you like and make new friends for free. Just like any other social place, users can always follow their favorite tag or people who catch their fancy. It is much easier to use and is designed for those who want to look at pictures different people upload. An independent security researcher Mohamed M. Fouad from Egypt has found a series of critical security vulnerabilities in the Likes website that really pose danger to its users. The vulnerabilities he found not only have capability to add any post, comment to users' account as well as delete users' account, but the vulnerabilities can be escalated to deface entire website by posting malicious URLs and delete all use...

A popular iOS software development kit (SDK) used by over 1,200 apps—with a total of more than a billion mobile users—is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information. According to a report published by cybersecurity firm Snyk , Mintegral — a mobile programmatic advertising platform owned by Chinese mobile ad tech company Mobvista — includes an SDK component that allows it to collect URLs, device identifiers, IP Address, operating system version, and other user sensitive data from compromised apps to a remote logging server. The malicious iOS SDK has been named "SourMint" by Snyk researchers. "The malicious code can spy on user activity by logging URL-based requests made through the app," Snyk's Alyssa Miller said in a Monday analysis. "This activity is logged to a third-party server and could potentially include personally identifiable information (PII) and other sensitive in...

Another phishing campaign come in action recently targeting Facebook accounts and company pages with millions of followers. Phishers continue to devise new fake apps for the purpose of harvesting confidential information. Not a new method, but very creative phishing example in Facebook hacking scene, where hacker host a phishing page on Facebook app sub domain itself. Designed very similar to Facebook Security team with title ' Facebook Page Verification ' and using Facebook Security Logo as shown in the screenshot posted above. Phishing app URL: https://apps.facebook.com/verify-pages/ Application hosted on:   https://talksms.co.uk/ The phishing page asking users to enter Page URL and Page Name that victim own and his Facebook login email ID with password. Once victim trapped in hacker web, the phisher records your information. Another interesting fact is that, the phishing domain https://talksms.co.uk/ is a HTTPS site with with verifi...

[Hurry Up] Hacker Halted 2011 Special Offer For The Hacker News Readers Special for all The Hacker News subscribers (Offer ends Sep 30, 2011) Attend EC-Council's signature event in Miami - Hacker Halted USA - and  Get an iPad 2 + 2 nights hotel +  an additional 10% discount , when signing up for the conference pass at public prevailing rates, or for selected training. Held at the Intercontinental Miami from Oct 21 - 27, Hacker Halted USA will feature some of the best infosec superstars including  Bruce Schneier (Internationally acclaimed security guru), Philippe Courtot (Chairman - Qualys), Jeremiah Grossman (CTO - WhiteHat Security),  George Kurtz (Global CTO - McAfee), Dr. Charlie Miller (Accuvant), Moxie Marlinspike, Barnaby Jack and many others. There are a total of more than 70 speakers this year, and a very comprehensive agenda covering the major hot topics surrounding information security across 4 dedicated tracks. There is also a wide sele...

Now that we have enough details about how the NSA's Surveillance program, running for a long time against almost each country of this planet.  Hundreds of top-secret NSA documents provided by whistleblower Edward Snowden already exposed that Spying projects like PRISM and MUSCULAR are tapping directly into Google and Yahoo internal networks to access our Emails. NSA's tactics are even capable to defeat the SSL encryption, so unsecured email can easily be monitored and even altered as it travels through the Internet. One major point on which all of us are worrying is about the privacy of communication among each other and If you're looking for a little personal privacy in your communications you will need to encrypt your messages. To avoid privacy breaches; rather I should say to make it more difficult for the NSA or British GCHQ surveillance program to read our communication, we should use PGP encryption (Pretty Good Privacy). Why we should Enc...

A security researcher who last year bypassed Apple 's then-newly introduced macOS privacy feature has once again found a new way to bypass security warnings by performing 'Synthetic Clicks' on behalf of users without requiring their interaction. Last June, Apple introduced a core security feature in MacOS that made it mandatory for all applications to take permission ("allow" or "deny") from users before accessing sensitive data or components on the system, including the device camera or microphone, location data, messages, and browsing history. For those unaware, 'Synthetic Clicks' are programmatic and invisible mouse clicks that are generated by a software program rather than a human. MacOS itself has built-in functionality for synthetic clicks, but as an accessibility feature for disabled people to interact with the system interface in non-traditional ways. So, the feature is only available for Apple-approved apps, preventing ma...

Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large language model (LLM) GPT-5 and produce illicit instructions. Generative artificial intelligence (AI) security platform NeuralTrust said it combined a known technique called Echo Chamber with narrative-driven steering to trick the model into producing undesirable responses. "We use Echo Chamber to seed and reinforce a subtly poisonous conversational context, then guide the model with low-salience storytelling that avoids explicit intent signaling," security researcher Martí Jordà said . "This combination nudges the model toward the objective while minimizing triggerable refusal cues." Echo Chamber is a jailbreak approach that was detailed by the company back in June 2025 as a way to deceive an LLM into generating responses to prohibited topics using indirect references, semantic steering, and multi-step inference. In recent weeks, the...

One of the most awaited occasions in a year is your birthday, same way we are today celebrating ' The Hacker News ' 2nd Birthday week from on 28th October-3rd November 2012. Originally founded on 1st November 2010 by Mohit Kumar , ' The Hacker News ' was the very First dedicated Hacking and Security News website available on Internet, Now been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers. We are happy to announce that this project is now Supported and endorsed by thousands of Security Experts, administrators and members of various underground hacking groups and communities worldwide.  With the need for information security solutions becoming more critical, In these two years we served updates to over 30 Million Readers through various projects including Daily happenings of Hacking & Security community via The Hacker News , A most comprehensive and inf...

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker) After Sony hacks, Idahc(lebanese hacker) is back to strike Apple.com . He found two vulnerability on  https://consultants.apple.com/  as listed below. Iframe Injection : Click here Blind SQL INjection: C lick Here Examples of the injections: Example One Example two Two days before Another sub-domain of Apple's database was hacked with SQL injection by Anonymous : Read Here Hacker Expose the Database ,extracted using Blind Sql injection on a pastebin link .  According to Hacker " I am Idahc(lebanese hacker) I found a Blind SQLI and Iframe Injection on AppleI am not one of Anonymous or Lulzsecand I am against The ANTISEC OPERATIONBUt this is a poc with not confidential informationI didn't dump users,emails,passwords........ ".

Bug Bounty program, where white hat hackers and researchers hunt for serious security vulnerabilities and disclosing them only to the vendor for a patch , In return vendors rewards them with money. Various famous websites like Facebook , Google , Paypal , Mozilla, Barracuda Networks and more other giving away bug bounties in thousands of Dollars to hackers for finding vulnerabilities. Most common vulnerabilities reported maximum time on various sites is Cross site scripting and each month hackers submit lots of such vulnerabilities to companies. In case  your report is duplicate, i.e. Someone else before you submit the same vulnerability - company will reject you from the bug bounty program. But there is no proof or an open Panel where hacker can verify that is someone already reported for same bug before or not. If company reply you - " The bug was already discovered by another researcher" , can you do anything  even af...

If you want to get the most out of your computer, you need to get the most out of your hard drive, where all your data is stored. Today hard drives are larger than ever, so it makes sense for you to partition your hard disk to effectively use all of its space and manage all your important information. Partitioning is also useful if you intend to install and use more than one operating system on the same computer. There is a vast business of partition manager software out there, and today we are reviewing one of the most popular partition management tools available in the market: EaseUS Partition Master Professional . EaseUS Partition Master Professional offers you the complete package with capabilities for organizing and resizing your drive, restoring and backing up your information, improving system performance, installing and managing several operating systems on the same computer, along with recovering and cloning data files. Let's dig deep into the capabilities pro...

Yesterday WikiLeaks published thousands of documents revealing top CIA hacking secrets , including the agency's ability to break into iPhones, Android phones, smart TVs, and Microsoft, Mac and Linux operating systems. It dubbed the first release as Vault 7 . Vault 7 is just the first part of leak series " Year Zero " that WikiLeaks will be releasing in coming days. Vault 7 is all about a covert global hacking operation being run by the US Central Intelligence Agency (CIA). According to the whistleblower organization, the CIA did not inform the companies about the security issues of their products; instead held on to security bugs in software and devices, including iPhones, Android phones, and Samsung TVs, that millions of people around the world rely on. One leaked document suggested that the CIA was even looking for tools to remotely control smart cars and trucks, allowing the agency to cause "accidents" which would effectively be "nearly undetectable assas...