BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
ClickFix Scams Abuse Google, Cloudflare Checks to Deliver 7 Malware Families
/in General NewsMalwarebytes links fake Google and Cloudflare verification pages to shared ClickFix infrastructure delivering StealC, NetSupport and other malware.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
I tried the best-looking laptop of 2026, and its battery life was the real surprise
/in General NewsHP brought aesthetics front and center with the 2026 OmniBook X Flip 14, but thankfully, it didn’t stop there.
Latest news – Read More
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
/in General NewsA suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts.
The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.
The Hacker News – Read More
How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions
/in General NewsBuilding a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data foundation.
Whether a platform will materially change outcomes for
The Hacker News – Read More
Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability
/in General NewsOrganizations are urged to patch after proof-of-concept code makes the Linux root escalation flaw easier to exploit.
The post Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
AI Can Forge Documents in Minutes – “Looks Right” Is No Longer Enough
/in General NewsGenerative AI is making document fraud faster and harder to spot, pushing security teams to verify provenance, signatures and file integrity at intake securely.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments
/in General NewsResearchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web.
The post Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments appeared first on SecurityWeek.
SecurityWeek – Read More
New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS
/in General NewsCybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments.
According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for
The Hacker News – Read More
ICE’s Internal Watchdog Is Now Investigating Online Critics
/in General NewsThe Office of Professional Responsibility has opened more than 100 cases over what ICE officials call “incidents of doxing and threats” against ICE employees.
Security Latest – Read More
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
/in General NewsResearchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode.
But TrojPix works only once malware is already on the target machine, so it
The Hacker News – Read More