Archive for the ‘website hacking’ Category

Critical Flaw Reported in Popular Evernote Extension for Chrome Users

June 13th, 2019
Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed. Evernote is a popular service that helps people taking notes and organize their to-do task lists, and over 4,610,000 users have been using its Evernote Web Clipper Extension for Chrome

Posted in Browser extensions, chrome, chrome extension, Cross site scripting, cyber security, Universal XSS, Web Application Security, Web Application Vulnerability, website hacking | Comments (0)

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code

April 3rd, 2019
In a world that's growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce sites. Magecart, which is in the news a lot lately, is an umbrella term given to 12 different cyber criminal groups that are specialized in secretly implanting a special piece of code on compromised e-commerce sites with an intent to steal payment card details of their

Posted in credit card breach, credit card hacking, Credit Card Skimmers, eCommerce Software, hacking credit cards, JS Sniffers, magecart, website hacking | Comments (0)

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

March 29th, 2019
If your online e-commerce business is running over the Magento platform, you must pay attention to this information. Magento yesterday released new versions of its content management software to address a total of 37 newly-discovered security vulnerabilities. Owned by Adobe since mid-2018, Magento is one of the most popular content management system (CMS) platform that powers 28% of

Posted in eCommerce Software, hacking news, Magento, Magento Ecommerce Website, Magento Hacking, Magento Vulnerability, SQL injection, Vulnerability, website hacking, website security | Comments (0)

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

March 20th, 2019
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently.

Posted in banking security, credit card hacking, credit card security, Credit Card Skimmers, Credit card skimming, digital skimmer, magecart, Online Security, website hacking, website security | Comments (0)

Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale

February 15th, 2019
A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web. Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online. <!

Posted in data breach, hacking news, hacking passwords, password hacking, website hacked, website hacking | Comments (0)

Someone Hacked PHP PEAR Site and Replaced the Official Package Manager

January 23rd, 2019
Beware! If you have downloaded PHP PEAR package manager from its official website in past 6 months, we are sorry to say that your server might have been compromised. Last week, the maintainers at PEAR took down the official website of the PEAR ( after they found that someone has replaced original PHP PEAR package manager (go-pear.phar) with a modified version in the core PEAR file

Posted in Cyber Attack, hacking news, php libraries, PHP PEAR, PHP PEAR packages, php programming language, php website, website development, website hacking | Comments (0)

Flight Booking System Flaw Affected Customers of 141 Airlines Worldwide

January 16th, 2019
Almost half of the fight travelers around the world were found exposed to a critical security vulnerability discovered in online flight ticket booking system that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles. Israeli network security researcher Noam Rotem discovered the vulnerability when he booked a flight on the Israeli airline

Posted in airline hacking, flight booking, flight hacking, flight tickets, hacking news, Vulnerability, website hacking | Comments (0)

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

February 2nd, 2017

Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site.

The nasty bug resides in WordPress REST API that would lead to the creation of two new vulnerabilities: Remote privilege escalation and Content injection

Posted in hacking news, hacking wordpress, SQL injection, website hacking, WordPress, WordPress exploit, Wordpress Security | Comments (0)

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

January 23rd, 2017

It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.

It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at

Posted in hacking news, Heartbleed bug, Heartbleed OpenSSL Venerability, OpenSSL, OpenSSL Heartbleed, OpenSSL vulnerability, server hacking, Shodan search engine, website hacking | Comments (0)

Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable

January 13th, 2017

Former New York City Mayor Rudolph W. Giuliani has been appointed as a cyber security advisor for the President-elect Donald Trump, but it appears that he never actually checked the security defenses of his own company’s website.

Giuliani is going to head a new Cybersecurity Working group for the President-elect, and “will be sharing his expertise and insight as a trusted friend concerning

Posted in Donald Trump, freebsd, hacking news, Joomla, Rudolph W. Giuliani, US President, website hacking | Comments (0)