BackBox News

Latest news and insights on Security

My 4 favorite Android Auto settings are seriously useful – but hidden by default

These developer settings can completely change how your Android Auto looks and operates. They’re not difficult to access, and it only takes a minute.

Latest news – ​Read More

American Lending Center Data Breach Affects 123,000 Individuals

The non-bank lender discovered a ransomware attack nearly one year ago, but only recently completed its investigation.

The post American Lending Center Data Breach Affects 123,000 Individuals appeared first on SecurityWeek.

SecurityWeek – ​Read More

I tested Bose’s new smart speaker beside my Sonos Era 100 – it was better in several ways

Months after sunsetting the SoundTouch lineup, Bose’s Lifestyle Ultra proves that it can still make versatile and great-sounding speaker.

Latest news – ​Read More

Cyber Pioneers Ponder Past as Prologue

Cyber Pioneers Ponder Past as Prologue

Robert “RSnake” Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for Dark Reading over the past 20 years have stood the test of time.

darkreading – ​Read More

I tested Bose’s Lifestyle Ultra soundbar, and it raised the ‘too much bass’ debate in my home

Bose’s premium soundbar debuts with improvements under the hood, but it’s reinventing itself in an already crowded field.

Latest news – ​Read More

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards.

The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek.

SecurityWeek – ​Read More

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue.

The Hacker News – ​Read More

Chrome 148 Update Patches Critical Vulnerabilities

The refresh resolves critical-severity use-after-free and other types of bugs in various browser components.

The post Chrome 148 Update Patches Critical Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026

The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616.

The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek.

SecurityWeek – ​Read More

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026.
The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It’s

The Hacker News – ​Read More

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.