Archive for the ‘website security’ Category
Note: We have updated this story to reflect new information after Stack Overflow changed its original announcement and shared more details on the security incident.
Stack Overflow, one of the largest question and answer site for programmers, revealed today that unknown hackers managed to exploit a bug in its development tier and then almost a week after they gained unauthorized access to its
Posted in Cyber Attack, cyber security, data breach, data security, hacking news, stack overflow, website security | Comments (0)
A team of security researchers at Microsoft discovered a potentially serious vulnerability in the Bluetooth-supported version of Google's Titan Security Keys that could not be patched with a software update.
However, users do not need to worry as Google has announced to offer a free replacement for the affected Titan Security Key dongles.
In a security advisory published Wednesday, Google
Posted in cybersecurity tool, FIDO U2F Security Key, Google Titan Key, Google Titan Security Keys, Online Security, password security, phishing, physical security key, titan security keys, website security | Comments (0)
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store.
A WordPress security company—called "Plugin Vulnerabilities"—that recently gone rogue in order to protest against moderators of the WordPress’s official support forum has once
Posted in cyber security, hacking news, hacking wordpress website, website hacked, website security, WooCommerce, WordPress, Wordpress hacking, Wordpress Security | Comments (0)
Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take control over WordPress websites that are still running a vulnerable version of the plugin.
The vulnerable plugin in question is Social Warfare which is a popular and widely deployed WordPress plugin with more than 900,000 downloads. It is used to add social
Posted in cyber security, hack wordpress, hacking news, php security, remote code execution, website security, WordPress, Wordpress hacking, Wordpress Security | Comments (0)
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites.
According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in
Posted in Cross site scripting, cybersecurity, Drupal, Drupal hacking, hacking news, JQuery, php security, remote code execution, Vulnerability, website security | Comments (0)
An unprotected database belonging to JustDial, India's largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy "88888 88888" customer care number, The Hacker News has learned and independently verified.
Founded over two decades ago, JustDial (JD) is the
Posted in API Security, cyber security, data breach, data leaked, Database Security, hacking news, Just dial, mobile api security, server security, unprotected database, website security | Comments (0)
If your online e-commerce business is running over the Magento platform, you must pay attention to this information.
Magento yesterday released new versions of its content management software to address a total of 37 newly-discovered security vulnerabilities.
Owned by Adobe since mid-2018, Magento is one of the most popular content management system (CMS) platform that powers 28% of
Posted in eCommerce Software, hacking news, Magento, Magento Ecommerce Website, Magento Hacking, Magento Vulnerability, SQL injection, Vulnerability, website hacking, website security | Comments (0)
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep.
Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently.
Posted in banking security, credit card hacking, credit card security, Credit Card Skimmers, Credit card skimming, digital skimmer, magecart, Online Security, website hacking, website security | Comments (0)
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website.
Simon Scannell, a researcher at RIPS Technologies GmbH, who previously reported multiple critical vulnerabilities in WordPress, has once
Posted in hack wordpress, hacking news, website security, WordPress, WordPress exploit, Wordpress hacking, WordPress Vulnerability | Comments (0)