BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
/in General NewsThe hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply.
The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
SecurityWeek – Read More
AI Firm Braintrust Prompts API Key Rotation After Data Breach
/in General NewsHackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust.
The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
/in General NewsThe dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.
The dataset behind these findings includes 10 million monitored
The Hacker News – Read More
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
/in General NewsCybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called “darkworm.”
The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.
The Hacker News – Read More
Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom
/in General NewsA system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals.
The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Group Takes Credit for Trellix Hack
/in General NewsRansomHouse has published several screenshots to demonstrate access to internal Trellix services.
The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.
SecurityWeek – Read More
‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials
/in General NewsThe malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more.
The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek.
SecurityWeek – Read More
Meet Rassvet, Russia’s Answer to Starlink
/in General NewsWith the launch of the first 16 satellites, Russia begins construction of a network for satellite internet that aims to cover the entire country by 2030. But getting there won’t be easy.
Security Latest – Read More
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
/in General NewsCVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code.
The post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
The Canvas Hack Is a New Kind of Ransomware Debacle
/in General NewsThousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters.
Security Latest – Read More