Hacker News with Generative AI: Hacking

Apple Patches Older iPhones Against 'Sophisticated' Hacker Attacks (bitdefender.com)
Apple is offering a batch of updates across its product lineup this week to address dozens of important security flaws, including some that criminals are already exploiting.

Security, Apple, iPhones, Hacking, Software Updates

7 points by walterbell 2 days ago | 0 comments

Furry hackers who leaked Heritage Foundation data feared raided by feds (dailydot.com)
Individuals with connections to SiegedSec, the now-defunct group of “gay furry hackers” who leaked data relating to the think tank behind Project 2025, believe their former leader may have been arrested in a raid by law enforcement.

Cybersecurity, Hacking, Politics, Law Enforcement

38 points by anigbrowl 3 days ago | 1 comments

FBI Alert Issued as Time Traveling Hackers Attack –Act Now (forbes.com)
Enable 2FA as time-traveling hackers strike.

Cybersecurity, Time Travel, Hacking

8 points by mfareed 4 days ago | 2 comments

We hacked Gemini's Python sandbox and leaked its source code (at least some) (landh.tech)
In 2024 we released the blog post We Hacked Google A.I. for $50,000, where we traveled in 2023 to Las Vegas with Joseph "rez0" Thacker, Justin "Rhynorater" Gardner, and myself, Roni "Lupin" Carta, on a hacking journey that spanned from Las Vegas, Tokyo to France, all in pursuit of Gemini vulnerabilities during Google's LLM bugSWAT event. Well, we did it again …

Security, Generative AI, Hacking, Google

664 points by topsycatt 6 days ago | 142 comments

Gemini hackers can deliver more potent attacks with a helping hand from Gemini (arstechnica.com)
Hacking LLMs has always been more art than science. A new attack on Gemini could change that.

Generative AI, Security, Hacking

6 points by rntn 6 days ago | 1 comments

Apple in code search profanity outrage (2006) (theregister.com)
Our chums down at SecurityFocus recently warned that Google's new Code Search facility could allow developers' open source repositories to be "easily mined, allowing attackers to target programs that are likely to be flawed".

Security, Code Search, Google, Open Source, Hacking

8 points by jansan 9 days ago | 4 comments

Phrack Issue 49, File 14: Smashing the Stack for Fun and Profit (1996) (phrack.org)
Over the last few months there has been a large increase of buffer overflow vulnerabilities being both discovered and exploited.

Security, Hacking, Programming, History

10 points by susam 9 days ago | 0 comments

How I pwned a major New Zealand service provider (mrbruh.com)
On the evening of the 19th February 2025 I had an itch, an itch to do good in the world and to continue to polish my pen testing skills.

Security, New Zealand, Hacking, Pen Testing

54 points by MrBruh 10 days ago | 46 comments

I-cant-believe-its-not-webusb: Hacking around lack of WebUSB support in Firefox (github.com/ArcaneNibble)
It turns out that there is a way for a web page to access USB devices without requiring WebUSB and its associated political disagreements!

Web Development, Firefox, USB, Security, Hacking

314 points by todsacerdoti 21 days ago | 288 comments

Show HN: I Made an Escape Room Themed Prompt Injection Challenge (pangea.cloud)

Security, Prompt Injection, Web Development, Hacking, Challenges

8 points by planetpr 22 days ago | 1 comments

The insecurity of telecom stacks in the wake of Salt Typhoon (soatok.blog)
Towards the end of last year, we learned that a group (allegedly affiliated with the Chinese government, referred to as “Salt Typhoon”) breached T-Mobile and other telecommunications companies and caused all sorts of havoc.

Cybersecurity, Telecom, China, Government, Hacking

312 points by zdw 23 days ago | 207 comments

North Korean Lazarus hackers infect hundreds via NPM packages (bleepingcomputer.com)
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus.

Cybersecurity, North Korea, Hacking, Software

6 points by protik49 23 days ago | 0 comments

Snope's six week odyssey to recover their hacked Twitter account (infosec.exchange)

Cybersecurity, Social Media, Twitter, Hacking

4 points by latexr 25 days ago | 0 comments

Feds Link Cyberheist to 2022 LastPass Hacks (krebsonsecurity.com)
In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion.

Cybersecurity, Data Breaches, Cryptocurrency, Hacking, Password Management

383 points by todsacerdoti 27 days ago | 258 comments

US charges Chinese hackers who targeted dissidents (bbc.com)
US prosecutors have charged 12 Chinese nationals for being part of an alleged hacking scheme, which sold data of US-based dissidents to the Chinese government.

Cybersecurity, China, Espionage, Politics, Hacking

5 points by rmason 28 days ago | 0 comments

Exposing Russian EFF Impersonators: The Inside Story on Stealc and Pyramid C2 (hunt.io)
Open directories often expose more than just files--they provide a window into how malicious campaigns operate. In this case, we identified a threat actor impersonating the Electronic Frontier Foundation (EFF) to target the online gaming community. The exposed directory contained decoy documents alongside the malware used in this operation: Steal and Pyramid C2.

Cybersecurity, Malware, Hacking, Russia, EFF

115 points by hn_acker 28 days ago | 18 comments

Zen and the Art of Microcode Hacking (bughunters.google.com)

Zen, Hacking, Microcode, Software Engineering, Security

68 points by nspaced 29 days ago | 3 comments

I hacked my company's SSO provider (mattsayar.com)
I never thought I'd stumble across a previously-undiscovered vulnerability, much less one in security software.

Security, Hacking, Software, Vulnerability

20 points by MattSayar 30 days ago | 6 comments

Show HN: I built a Matrix themed AI hacking game (repello.ai)

Game Development, Artificial Intelligence, Hacking, Show HN

24 points by emoclew 31 days ago | 9 comments

Hacking the Xbox 360 Hypervisor Part 2: The Bad Update Exploit (icode4.coffee)
As of today I have a fully working software only hypervisor exploit for the latest xbox 360 retail dashboard 17559 (should work on almost any software version though). Here's what you need to know…

Xbox 360, Security, Hacking, Gaming

274 points by kevincox 31 days ago | 107 comments

How to gain code execution on hundreds of millions of people and popular apps (kibty.town)

Security, Hacking, Software, Vulnerability, Code Execution

1156 points by xyzeva 34 days ago | 319 comments

North Korea pulled off a $1.5B crypto heist–the biggest in history (arstechnica.com)
The cryptocurrency industry and those responsible for securing it are still in shock following Friday’s heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit, making the theft by far the biggest ever in digital asset history.

Cryptocurrency, Cybersecurity, North Korea, Hacking, Finance

12 points by amclennon 38 days ago | 2 comments

Breaking into apartment buildings in five minutes on my phone (ericdaigle.ca)
What a place to use default credentials

Security, Hacking, Technology, Real Estate

511 points by ChrisArchitect 38 days ago | 293 comments

Bybit sees over $4B 'bank run' after crypto's biggest hack (coindesk.com)
Major cryptocurrency exchange Bybit has seen total outflows of over $5.5 billion after it suffered a near $1.5 billion hack that saw hackers, believed to be from North Korea’s Lazarus Group, drain its ether cold wallet.

Cryptocurrency, Security Breaches, North Korea, Hacking, Exchanges

46 points by speckx 39 days ago | 87 comments

The $1.5B Bybit Hack (trailofbits.com)
Two weeks ago at the DeFi Security Summit, Trail of Bits’ Josselin Feist (@Montyly) was asked if we’d see a billion-dollar exploit in 2025. His response: “If it happens, it won’t be a smart contract, it’ll be an operational security issue.”

Cryptocurrency, Security, Hacking, DeFi

128 points by todsacerdoti 40 days ago | 138 comments

Bybit loses $1.5B in hack (tradingview.com)
Cryptocurrency exchange Bybit has experienced $1.46 billion worth of "suspicious outflows," according to blockchain sleuth ZachXBT.

Cryptocurrency, Security, Hacking, Finance

320 points by tuananh 41 days ago | 361 comments

Hackers could attack Europes energy grid [video] (dw.com)
Cyber criminals are able to access solar power installations and throw entire electricity grids into chaos. DW talked to some well-minded hackers about the threat and what consumers can do to avoid it.

Cybersecurity, Energy, Europe, Hacking

6 points by HanchoPan 43 days ago | 0 comments

The Fall of FiveM (fivem.team)
Behind the friendly, smiling, snail mascot of FiveM - you'll find many dark secrets.

Gaming, Online Communities, Controversy, Hacking, Security

74 points by ChocolateGod 45 days ago | 21 comments

All Kindles can now be jailbroken (kindlemodding.org)
All Kindles can now be jailbroken

E-Readers, Security, Hacking

1377 points by lumerina 46 days ago | 423 comments

China's Salt Typhoon Spies Still Hacking Telecoms by Exploiting Cisco Routers (wired.com)
When the Chinese hacker group known as Salt Typhoon was revealed last fall to have deeply penetrated major US telecommunications companies—ultimately breaching no fewer than nine of the phone carriers and accessing Americans' texts and calls in real time—that hacking campaign was treated as a four-alarm fire by the US government.

Cybersecurity, China, Hacking, Telecoms, Cisco

18 points by ironyman 47 days ago | 1 comments