The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

FOX News Twitter Account Hacked by 5CR1PT K1DD3S Fox News Politics Twitter account @foxnewspolitics  hacked last night.  The account's icon had been changed from the Fox News Politics logo and featured the following new description: " H4CK3D BY TH3 5CR1PT K1DD3S. " Hacker's Personal account was  @TheScriptKiddie on twitter, but After hack, Twitter has suspended his account. Then hacker made another announcement via  Fox News Politics Twitter account  that " twitter has suspended TheScriptKiddie please follow @ScriptKiddi3 for future releases. we have confirmed Fox News is aware of the attack. " THN talk with " The Script Kiddies " Group. They Reply : " We are a new group called The Script Kiddies. As i have stated in past interviews we do have connections to anonymous, however this does not represent them in anyway. personally I have been part of many hacks leading back to HBgary and #operationPyaback with anonymous . we will not

Microsoft.com.br (Brasil) hacked by TG hacker Microsoft Brasil https://microsoft.com.br/ Got defaced by Hacker named " TG ". Hacker redirect  server address microsoft.com.br  to the page of Microsoft Brazil. Instead of being sent to the developer page of Windows, the Internet user that accesses the address is faced with a message published by hackers as  " Ms Brazil 0wn3d by TG " .  The forwarding service is hosted on an external server.

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Oracle website vulnerable to SQL injection vulnerability Oracle database website itself vulnerable to SQL injection attack. The website having a loophole by which any attacker can easily hack into it. The vulnerability is found and submitted by Hacker " m@m@ ". Oracle provides the world's most complete, open, and integrated business software and hardware systems to more than 370,000 customers including 100 of the Fortune 100 that represent a variety of sizes and industries in more than 145 countries around the globe. The combination of Oracle and Sun means that customers can benefit from fully integrated systems the entire stack, from applications to disk that are faster, more reliable, and lower cost. But the website now itself compromised with SQL injection attack. I am providing the link and a screen sort show that you can easily sort out the vulnerability.  Here is the link:  https://labs.oracle.com/dmp/patents.php?uid=mherlihy'%20and%201=0%20union%20sele

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker) After Sony hacks, Idahc(lebanese hacker) is back to strike Apple.com . He found two vulnerability on  https://consultants.apple.com/  as listed below. Iframe Injection : Click here Blind SQL INjection: C lick Here Examples of the injections: Example One Example two Two days before Another sub-domain of Apple's database was hacked with SQL injection by Anonymous : Read Here Hacker Expose the Database ,extracted using Blind Sql injection on a pastebin link .  According to Hacker " I am Idahc(lebanese hacker) I found a Blind SQLI and Iframe Injection on AppleI am not one of Anonymous or Lulzsecand I am against The ANTISEC OPERATIONBUt this is a poc with not confidential informationI didn't dump users,emails,passwords........ ".

Stuxnet Source Code Released Online - Download Now Stuxnet is a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that crackers have targeted industrial systems,it is the first discovered malware that spies on and subverts industrial systems,and the first to include a programmable logic controller (PLC) rootkit. Stuxnet is designed to programmatically alter Programmable Logic Controllers (PLCs) used in those facilities. In an ICS environment, the PLCs automate industrial type tasks such as regulating flow rate to maintain pressure and temperature controls. Source Code Download Another Video Presentation on Stuxnet by Hungry Beast .

Apple database hacked with SQL injection by Anonymous Anonymous hackers announce on twitter that Apple can be there next target. They expose one SQL vulnerability on Apple domain with One table "Users" data. Vulnerable Link :   https://abs.apple.com:8080/ssurvey/survey?id= Exposure Link :   https://pastebin.com/tkmZDG9m These all hacks now consider under Operation Antisec by Anonymous and Lulzsec Members.

4 big business sites database backup leaked by Serious BLack  ! One of the Indian hacker "Serious BLack " found the SQL database backup on the 4 big business sites. These SQL dumps are hosted by Site admins on FTP that has been leaked. Sites are:  https://www.assembla.com/   =>  https://pastebin.com/YpdfGsQN https://www.nganhoa.co.cc/hoa.sql https://www.seoguru.co.uk/seogurl.sql https://www.33photo.com/backup.sql

WebSurgery v0.5 - Web app testing tool Released WebSurgery is a suite of tools for security testing of web applications. Itwas designed for security auditors to help them with the web applicationplanning and exploitation. Currently, it uses an efficient, fast and stableWeb Crawler, File/Dir Bruteforcer and Fuzzer for advanced exploitation ofknown and unusual vulnerabilities such as SQL Injections, Cross sitescripting (XSS), brute-force for login forms, identification offirewall-filtered rules etc. Download Setup Download Portable Documentation

Pepper (Dating site) hacked by Anonymous #Antisec One of the Biggest Online dating website Pepper  https://www.pepper.nl/  hacked by Anonymous Hackers for Operation Antisec. Huge Data breached, 52000 users/passwords of users leaked by Anonymous on twitter on  https://privatepaste.com/af59e5a969

TriNity (Indian Girl Hacker) Strikes again to server with 690 websites Indian hacker girl, TriNity Strikes After along time. This time she  hack a windows server with 690+ Sites at 66.113.131.74 . Site attacked : https://www.coin.info/ https://catapult.coop/ Mirror of some sites on the same server : https://mirror.sec-t.net/defacements/?id=49702 https://mirror.sec-t.net/defacements/?id=49698 Complete List of Site : https://pastebin.com/4sF7ZQAB

UP Rajarshi Tandon Open University Allahabad Website Hacked Website of UP Rajarshi Tandon Open University Allahabad Hacked last night. Link  https://www.uprtou.ac.in/ Hacker wrote message on the site " SECURE YOUR WEBSITE.. OR ELSE GET HACKED BY SOMEONE...The Education system in India sucks.. Till when we would be learning all the bullshit physics, chem, history and commerce.. We need some real knowledge.. Baccha, kabil bano.. kamyaabi jhak marke peeche aayegi.. lol. .sorry admin.. just resotre your site..Don't worry.. nothing has been deleted... " Legend H mirror : https://legend-h.org/mirror/187224/uprtou.ac.in

Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6 Official Change Log: o [NSE] Added 40 scripts, bringing the total to 217!  You can learn  more about any of them at https://nmap.org/nsedoc/. Here are the new  ones (authors listed in brackets):  + afp-ls: Lists files and their attributes from Apple Filing    Protocol (AFP) volumes. [Patrik Karlsson]  + backorifice-brute: Performs brute force password auditing against    the BackOrifice remote administration (trojan) service. [Gorjan    Petrovski]  + backorifice-info: Connects to a BackOrifice service and gathers    information about the host and the BackOrifice service    itself. [Gorjan Petrovski]  + broadcast-avahi-dos: Attempts to discover hosts in the local    network using the DNS Service Discovery protocol, then tests    whether each host is vulnerable to the Avahi NULL UDP packet    denial of service bug (CVE-2011-1002). [Djalal Harouni]  + broadcast-netbios-master-browser: Attempts to discover mast