BackBox News

Latest news and insights on Security

GitHub confirms being hacked by TeamPCP, says customer data unaffected

GitHub confirms being hacked by TeamPCP, says customer data unaffected

Github, which hosts code for more than 100 million developers worldwide, confirmed the breach on social media after TeamPCP advertised stolen source code on a cybercrime forum.

The Record from Recorded Future News – ​Read More

Anthropic Silently Patches Claude Code Sandbox Bypass

The researcher who found it says the vulnerability could have been chained with a prompt injection to exfiltrate data.

The post Anthropic Silently Patches Claude Code Sandbox Bypass appeared first on SecurityWeek.

SecurityWeek – ​Read More

Caught Off Guard: Securing AI After It Hits Production

As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.

The post Caught Off Guard: Securing AI After It Hits Production appeared first on SecurityWeek.

SecurityWeek – ​Read More

Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

We tested the most popular VPNs in New York, London, and Tokyo – this one is the best for traveling

ZDNET’s latest Lab Award goes to the travel VPN with the fasted download speeds.

Latest news – ​Read More

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A compromised maintainer account was used to publish malicious package versions across the @antv namespace.

The post Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More

GitHub Confirms Hack Impacting 3,800 Internal Repositories

The TeamPCP hacking group accessed the repositories after a GitHub employee installed a poisoned VS Code extension.

The post GitHub Confirms Hack Impacting 3,800 Internal Repositories appeared first on SecurityWeek.

SecurityWeek – ​Read More

Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks

Banana RAT malware hidden in fake invoices and security update screens targets customers at 16 Brazilian banks stealing data with QR fraud.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

Virtual Event Today: Threat Detection & Incident Response Summit

The speed and sophistication of cyberattacks have outpaced traditional defense methods. Please join us online today from 11AM -4PM ET for the Threat Detection & Incident Response Summit. Don’t miss this virtual event as we explore how to cut through alert fatigue, leverage AI and unified platforms to accelerate investigations, and apply actionable threat intelligence to […]

The post Virtual Event Today: Threat Detection & Incident Response Summit appeared first on SecurityWeek.

SecurityWeek – ​Read More

Interpol’s ‘Operation Ramz’ Pioneers Cross-Region Collabs in Middle East

Interpol’s ‘Operation Ramz’ Pioneers Cross-Region Collabs in Middle East

While the numbers are modest, the crackdown on cybercrime involved 13 countries in the MENA region, the largest law enforcement collaboration to date.

darkreading – ​Read More

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.