A 19-year-old boy identifying as a cybersecurity researcher has claimed that the test website of the Central Board of Secondary Education’s (CBSE) On-Screen Marking (OSM) contained a hard-coded ...

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

Nisarga Adhikary claimed he had hacked the CBSE website and identified serious lapses in the agency's On Screen Marking (OSM) ...

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Authentication is the process of verifying a user’s or system’s identity before granting access. It protects digital environments by validating credentials, issuing secure tokens, and applying methods ...

Abstract: User authentication based on username and password is the most common means to enforce access control. This form of access restriction is prone to hacking since stolen usernames and ...

Microsoft has announced a major initiative to move away from traditional passwords, introducing a new authentication system that uses access keys and biometric verification methods. The transformation ...