BackBox News

Latest news and insights on Security

ClickFix Scams Abuse Google, Cloudflare Checks to Deliver 7 Malware Families

Malwarebytes links fake Google and Cloudflare verification pages to shared ClickFix infrastructure delivering StealC, NetSupport and other malware.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

I tried the best-looking laptop of 2026, and its battery life was the real surprise

HP brought aesthetics front and center with the 2026 OmniBook X Flip 14, but thankfully, it didn’t stop there.

Latest news – ​Read More

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts.

The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.

The Hacker News – ​Read More

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data foundation.

Whether a platform will materially change outcomes for

The Hacker News – ​Read More

Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability

Organizations are urged to patch after proof-of-concept code makes the Linux root escalation flaw easier to exploit.

The post Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

AI Can Forge Documents in Minutes – “Looks Right” Is No Longer Enough

Generative AI is making document fraud faster and harder to spot, pushing security teams to verify provenance, signatures and file integrity at intake securely.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments

Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web.

The post Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments.

According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for

The Hacker News – ​Read More

ICE’s Internal Watchdog Is Now Investigating Online Critics

ICE’s Internal Watchdog Is Now Investigating Online Critics

The Office of Professional Responsibility has opened more than 100 cases over what ICE officials call “incidents of doxing and threats” against ICE employees.

Security Latest – ​Read More

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode.

But TrojPix works only once malware is already on the target machine, so it

The Hacker News – ​Read More

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.