BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
No feed items found.
Exploit DB
- [remote] Microsoft Windows - NTLM Hash Leak Malicious Windows Theme
- [remote] Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)
- [webapps] TeamPass 3.0.0.21 - SQL Injection
- [webapps] Jasmin Ransomware - SQL Injection Login Bypass
- [webapps] FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)
- [webapps] JUX Real Estate 3.4.0 - SQL Injection
- [webapps] Loaded Commerce 6.6 - Client-Side Template Injection(CSTI) (AngularJS)
- [webapps] Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)
- [webapps] TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)
- [webapps] Gitea 1.24.0 - HTML Injection
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
/in General NewsThe supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope.
“The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,”
The Hacker News – Read More
How Counterfeiters Use Technology to Fake Product Labels (and Strategies to Combat Fraud)
/in General NewsCounterfeit products are a growing problem in today’s market. With advancements in technology, counterfeiters have become more skilled…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
How Cybercriminals Exploit Notification Channels
/in General NewsCybercriminals are always looking for new ways to take advantage of people. One effective method they use is…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Why AI Systems Need Red Teaming Now More Than Ever
/in General NewsAI systems are becoming a huge part of our lives, but they are not perfect. Red teaming helps…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
How Cybercriminals Exploit Public Info for Attacks: Understanding Risks and Prevention
/in General NewsCybercriminals are skilled at using public information to their advantage. Knowing how they gather this data can help…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Oracle Denies Breach Amid Hacker’s Claim of Access to 6 Million Records
/in General NewsOracle denies breach claims as hacker alleges access to 6 million cloud records. CloudSEK reports a potential zero-day exploit affecting 140,000 tenants.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
/in General NewsThe U.S. Treasury Department has announced that it’s removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds.
“Based on the Administration’s review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial activity occurring
The Hacker News – Read More
New Phishing Scam Uses Fake Instagram Chatbot to Hijack Accounts
/in General NewsNew phishing scam targets Instagram business accounts using fake chatbots and support emails, tricking users into handing over login credentials.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Attackers Pivot to SEMrush Spoof to Steal Google Credentials
/in General NewsThe attackers are taking an indirect approach to targeting SEO professionals and their Google credentials, using a fake digital marketing website.
darkreading – Read More
Nation-State ‘Paragon’ Spyware Infections Target Civil Society
/in General NewsLaw enforcement entities in democratic states have been deploying top-of-the-line messaging app spyware against journalists and aid workers.
darkreading – Read More