Lucene search
K
ThnMost viewed

20894 matches found

The Hacker News
The Hacker News
added 2018/11/25 6:46 p.m.1021 views

How to Hack WiFi Password Easily Using New Attack On WPA/WPA2

Looking for how to hack WiFi password OR WiFi hacking software? Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers. Discovered by the lead developer of the popular password-cracking tool Hashcat, Je...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2018/05/08 1:5 p.m.975 views

A Simple Tool Released to Protect Dasan GPON Routers from Remote Hacking

Since hackers have started exploiting two recently disclosed unpatched critical vulnerabilities found in GPON home routers, security researchers have now released an unofficial patch to help millions of affected users left vulnerable by their device manufacturer. Last week, researchers at vpnMent...

9.8CVSS0.1AI score0.99948EPSS
Exploits10
The Hacker News
The Hacker News
added 2018/11/08 11:13 a.m.970 views

StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by compromising the web analytics service it was using. ESET malware researcher Matthieu Faou this weekend spotted malicious JavaScript code on up to 700,000 websit...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2017/08/14 7:44 a.m.944 views

How Just Opening A Malicious PowerPoint File Could Compromise Your PC

A few months back we reported how opening a simple MS Word file could compromise your computer using a critical vulnerability in Microsoft Office. The Microsoft Office remote code execution vulnerability CVE-2017-0199 resided in the Windows Object Linking and Embedding OLE interface for which a...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
The Hacker News
The Hacker News
added 2019/05/14 6:19 p.m.943 views

Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues

It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from...

10CVSS2.3AI score0.99999EPSS
Exploits124
The Hacker News
The Hacker News
added 2018/09/28 8:35 a.m.934 views

Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit

A cybersecurity researcher with Google Project Zero has released the details, and a proof-of-concept PoC exploit for a high severity vulnerability that exists in Linux kernel since kernel version 3.16 through 4.18.8. Discovered by white hat hacker Jann Horn, the kernel vulnerability CVE-2018-1718...

7.8CVSS8.4AI score0.03206EPSS
Exploits4
The Hacker News
The Hacker News
added 2019/06/07 9:13 a.m.922 views

New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide

Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet. Dubbed GoldBrute, the botnet scheme has been designed in a way to escalate gradually by adding every new...

10CVSS1.2AI score0.99999EPSS
Exploits123
The Hacker News
The Hacker News
added 2017/05/19 1:52 a.m.898 views

More Hacking Groups Found Exploiting SMB Flaw Weeks Before WannaCry

Since the Shadow Brokers released the zero-day software vulnerabilities and hacking tools – allegedly belonged to the NSA's elite hacking team Equation Group – several hacking groups and individual hackers have started using them in their own way. The April's data dump was believed to be the most...

9.3CVSS8.4AI score0.93307EPSS
Exploits47
The Hacker News
The Hacker News
added 2020/01/14 6:40 p.m.867 views

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a...

10CVSS0.5AI score0.89436EPSS
Exploits23
The Hacker News
The Hacker News
added 2019/01/01 11:54 a.m.832 views

New Kickass Torrents Site: List of New 2024 Proxies and Alternatives

Kickass Torrents KAT cr was once a hugely popular online portal, renowned for its vast archive of movies, music, TV shows, and other media. It was a treasure trove for those seeking rare content and for users looking to share their creations. However, Kickass Torrents faced significant opposition...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/07 2:42 p.m.826 views

Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks

Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. The findings, which come from Google's Threat Analysis Group TAG, builds upon a prior report published in July 2022 detailing the continued cyber activity...

9.3CVSS0.1AI score0.99374EPSS
Exploits62
The Hacker News
The Hacker News
added 2020/07/17 10:20 a.m.814 views

Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online

An OPSEC error by an Iranian threat actor has laid bare the inner workings of the hacking group by providing a rare insight into the "behind-the-scenes look into their methods." IBM's X-Force Incident Response Intelligence Services IRIS got hold of nearly five hours worth of video recordings of t...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2018/05/10 2:38 p.m.804 views

5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws

Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices. Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have...

9.8CVSS0.1AI score0.99948EPSS
Exploits10
The Hacker News
The Hacker News
added 2018/10/24 8:50 a.m.801 views

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosti...

2.5AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/25 9:38 a.m.798 views

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw. BlueKeep is a highly-critical, wormable, remote code execution...

10CVSS2.6AI score0.99999EPSS
Exploits181
The Hacker News
The Hacker News
added 2018/07/27 8:31 a.m.784 views

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed "NetSpectre," the new remote side-channel attack, which is related to Spectre...

5.6CVSS2.5AI score0.93838EPSS
Exploits9
The Hacker News
The Hacker News
added 2018/09/21 5:32 p.m.782 views

Researcher Discloses New Zero-Day Affecting All Versions of Windows

A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system including server editions after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered by Lucas Leong of the...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/06 11:11 a.m.771 views

Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts

Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram accounts. "The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including th...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2018/11/04 9:24 a.m.771 views

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading...

4.7CVSS6.3AI score0.03418EPSS
Exploits4
The Hacker News
The Hacker News
added 2018/10/26 1:58 p.m.767 views

New Privilege Escalation Flaw Affects Most Linux Distributions

An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X server is a popular open-source implementation of the X11 system display server that offers ...

7.2CVSS2.2AI score0.2704EPSS
Exploits39
The Hacker News
The Hacker News
added 2021/06/14 1:34 p.m.760 views

NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers

A new cyber espionage group named Gelsemium has been linked to a supply chain attack targeting the NoxPlayer Android emulator that was disclosed earlier this year. The findings come from a systematic analysis of multiple campaigns undertaken by the APT crew, with evidence of the earliest attack...

9.3CVSS8.2AI score0.99966EPSS
Exploits42
The Hacker News
The Hacker News
added 2018/09/11 6:34 p.m.760 views

Microsoft Issues Software Updates for 17 Critical Vulnerabilities

Times to gear up your systems and software. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity. This month's...

8.8CVSS0.7AI score0.18386EPSS
Exploits7
The Hacker News
The Hacker News
added 2022/06/17 9:39 a.m.759 views

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

A sophisticated Chinese advanced persistent threat APT actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implemented an interesting web...

9.8CVSS10AI score0.99999EPSS
Exploits85
The Hacker News
The Hacker News
added 2021/09/09 7:16 a.m.752 views

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices

Network security solutions provider Fortinet confirmed that a malicious actor had unauthorizedly disclosed VPN login names and passwords associated with 87,000 FortiGate SSL-VPN devices. "These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of th...

9.8CVSS0.1AI score0.99999EPSS
Exploits22
The Hacker News
The Hacker News
added 2014/12/27 3:53 a.m.751 views

Hackers leak 13,000 Passwords Of Amazon, Walmart and Brazzers Users

Hackers claiming affiliation with the hacktivist group "Anonymous" have allegedly leaked more than 13,000 username and password combinations for some of the worlds most popular websites, including Amazon, Xbox Live and Playstation Network. The stolen personal information was released in a massive...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/01/03 9:6 p.m.750 views

Anonymous Hackers leaks video of Steubenville rape case

Two high school football players in Steubenville, Ohio are under arrest for the sexual assault of a 16-year-old girl. Newly leaked video sheds more light on what may have happened to a girl who told police she was raped by these high school football players in August. Trent Mays and Ma'lik...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/10 6:30 p.m.740 views

Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

🔥 Breaking — It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network. WPA, or Wi-Fi...

5.9CVSS0.6AI score0.03739EPSS
Exploits0
The Hacker News
The Hacker News
added 2018/04/06 7:58 a.m.738 views

Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now

Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it. Spring Framework is a popular, lightweight and an...

9.8CVSS9.5AI score0.77245EPSS
Exploits6
The Hacker News
The Hacker News
added 2018/06/05 4:11 p.m.727 views

'Zip Slip' Vulnerability Affects Thousands of Projects Across Many Ecosystems

Security researchers at British software firm Snyk have revealed details of a critical vulnerability that affects thousands of projects across many ecosystems and can be exploited by attackers to achieve code execution on the target systems. Dubbed "Zip Slip," the issue is an arbitrary file...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/11/25 8:10 a.m.725 views

Warning — Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild

Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos...

7.8CVSS8.4AI score0.20099EPSS
Exploits0
The Hacker News
The Hacker News
added 2018/11/01 6:27 p.m.719 views

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy BLE chips embedded in millions of access points and networking devices used by enterprises around the world. Dubbed BleedingBit, the set of two vulnerabilities could allow remote attackers to execut...

8.8CVSS0.9AI score0.02981EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/10/11 6:21 a.m.716 views

Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. Tracked as CVE-2022-40684 CVSS score: 9.6, the flaw relates to an authentication bypass in FortiOS, FortiProxy, and...

9.8CVSS0.3AI score0.99999EPSS
Exploits45
The Hacker News
The Hacker News
added 2021/03/16 6:6 a.m.700 views

Use This One-Click Mitigation Tool from Microsoft to Prevent Exchange Attacks

Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called Exchange On-premises Mitigation Tool EOMT, the PowerShell-based script serve...

9.8CVSS0.2AI score0.99999EPSS
Exploits63
The Hacker News
The Hacker News
added 2021/08/10 9:27 a.m.691 views

Hackers Exploiting New Auth Bypass Bug Affecting Millions of Arcadyan Routers

Unidentified threat actors are actively exploiting a critical authentication bypass vulnerability to hijack home routers as part of an effort to co-opt them to a Mirai-variant botnet used for carrying out DDoS attacks, merely two days after its public disclosure. Tracked as CVE-2021-20090 CVSS...

10CVSS0.8AI score0.99999EPSS
Exploits17
The Hacker News
The Hacker News
added 2021/06/05 10:58 a.m.686 views

ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by...

10CVSS1AI score0.99999EPSS
Exploits58
The Hacker News
The Hacker News
added 2018/10/19 2:12 p.m.679 views

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by popular media players, along with a number of embedded devices capable of streaming media. LIVE555 streaming media, developed and maintained by Live Networks, ...

10CVSS2.4AI score0.09487EPSS
Exploits3
The Hacker News
The Hacker News
added 2022/08/17 12:2 p.m.658 views

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley She...

8.8CVSS1.1AI score0.70461EPSS
Exploits4
The Hacker News
The Hacker News
added 2020/12/02 7:18 a.m.657 views

Google Hacker Details Zero-Click 'Wormable' Wi-Fi Exploit to Hack iPhones

Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "view all the photos,...

9.3CVSS8.1AI score0.1652EPSS
Exploits3
The Hacker News
The Hacker News
added 2021/06/03 5:1 p.m.642 views

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities

New upgrades have been made to a Python-based "self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numero...

10CVSS10AI score0.9957EPSS
Exploits103
The Hacker News
The Hacker News
added 2021/03/11 5:56 a.m.642 views

Critical Pre-Auth RCE Flaw Found in F5 Big-IP Platform — Patch ASAP!

Application security company F5 Networks on Wednesday published an advisory warning of four critical vulnerabilities impacting multiple products that could result in a denial of service DoS attack and even unauthenticated remote code execution on target networks. The patches concern a total of...

10CVSS0.5AI score0.99999EPSS
Exploits79
The Hacker News
The Hacker News
added 2019/01/28 11:31 a.m.639 views

New Exploit Threatens Over 9,000 Hackable Cisco RV320/RV325 Routers Worldwide

If the connectivity and security of your organization rely on Cisco RV320 or RV325 Dual Gigabit WAN VPN routers, then you need to immediately install the latest firmware update released by the vendor last week. Cyber attackers have actively been exploiting two newly patched high-severity router...

9CVSS1.2AI score0.99876EPSS
Exploits26
The Hacker News
The Hacker News
added 2022/10/04 8:5 a.m.636 views

ProxyNotShell – the New Proxy Hell?

Nicknamed ProxyNotShell, a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery SSRF vulnerability CVE-2022-41040 and a second vulnerability, CVE-2022-41082 that allows Remote Code Execution RCE when PowerShell is available to unidentified...

10CVSS0.3AI score0.99999EPSS
Exploits34
The Hacker News
The Hacker News
added 2021/06/28 6:39 a.m.626 views

Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online

A security vulnerability in Cisco Adaptive Security Appliance ASA that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept PoC exploit code. The PoC was published by researchers from...

7.5CVSS1.6AI score0.99992EPSS
Exploits26
The Hacker News
The Hacker News
added 2022/02/03 2:5 p.m.623 views

Critical Flaws Discovered in Cisco Small Business RV Series Routers

Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept PoC exploit code targeting some of these bugs. Three ...

10CVSS0.8AI score0.80031EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/01/18 9:19 a.m.622 views

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface UEFI specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside...

8.8CVSS8.2AI score0.02084EPSS
Exploits1
The Hacker News
The Hacker News
added 2018/10/19 1:12 p.m.616 views

8 Popular Courses to Learn Ethical Hacking – 2018 Bundle

Update Oct 2018 — Over 30,000 students from all around the world have joined this training program so far. Due to the growing number of threats in the computer world, ethical hackers have become the most important player for not only governments but also private companies and IT firms in order to...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/03 5:50 a.m.615 views

AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection

Cybersecurity researchers have disclosed a new variant of the AvosLocker ransomware that disables antivirus solutions to evade detection after breaching target networks by taking advantage of unpatched security flaws. "This is the first sample we observed from the U.S. with the capability to...

10CVSS0.5AI score0.99999EPSS
Exploits362
The Hacker News
The Hacker News
added 2022/02/17 5:42 a.m.614 views

U.S. Says Russian Hackers Stealing Sensitive Data from Defense Contractors

State-sponsored actors backed by the Russian government regularly targeted the networks of several U.S. cleared defense contractors CDCs to acquire proprietary documents and other confidential information pertaining to the country's defense and intelligence programs and capabilities. The sustaine...

9.8CVSS0.8AI score0.99999EPSS
Exploits56
The Hacker News
The Hacker News
added 2020/07/14 5:13 p.m.613 views

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

Cybersecurity researchers today disclosed a new highly critical "wormable" vulnerability—carrying a severity score of 10 out of 10 on the CVSS scale—affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw CVE-2020-1350, dubbed 'SigRed' by Check Point, could allo...

10CVSS10.1AI score0.92178EPSS
Exploits21
The Hacker News
The Hacker News
added 2021/03/11 3:4 p.m.612 views

ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI...

9.8CVSS10AI score0.99999EPSS
Exploits63
Total number of security vulnerabilities5000