Recently a well-known tech company Yahoo got hacked by a hacker named “Behrouz Sadeghipour” who reported it immediately to the company. So you might be thinking how it happened ? right ? So , the fault was of Yahoo as the hacker found Yahoo’s admin panel and the most surprising thing is that Yahoo was using username and password as ‘admin‘.
So you might be thinking that why a well known tech company with many IT Experts would be using username and password as ‘admin‘ ? Well , in this situation we can say that there is no patch for human stupidity.
This stupidity let the hacker upload a PHP script on a subdomain of Yahoo ( hk.yahoo.net ),The following picture shows that he uploaded his PHP script on on a subdomain of Yahoo :
In this situation the hacker performed as White-Hat Hacker as he could deface Yahoo or could leak any information but he reported it. Well , this shows us that Yahoo is not safe at all for keeping our personal information such as credit card because If attacker can upload a script on Yahoo then attacker can easily leak any kind of data.