BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
/in General NewsThreat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
“The CustomMCP node allows users to input configuration settings for connecting
The Hacker News – Read More
Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack
/in General NewsThe high-end casino and hotel operator has likely paid a ransom to avoid a data leak.
The post Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack appeared first on SecurityWeek.
SecurityWeek – Read More
I found Android Auto’s hidden shortcut that automates any task in your car – and it’s brilliant
/in General NewsAndroid Auto’s best feature is one you probably haven’t discovered yet – and Custom Assistant takes only a minute to set up.
Latest news – Read More
LG G6 vs. Samsung S95H: I compared the best OLED TVs of 2026 and made a tough choice
/in General NewsThe LG G6 and Samsung S95H are two premium-grade OLED TVs with excellent picture and sound, but which is the better buy?
Latest news – Read More
Samsung’s latest TV firmware update fixes the Chromecast issue for older models – finally
/in General NewsSamsung’s 2026 TV lineup will feature built-in support for Google Cast, but with the latest firmware, models as far back as 2024 will also get an update.
Latest news – Read More
Axios Attack Shows Social Complex Engineering Is Industrialized
/in General NewsThe attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.
darkreading – Read More
AI-Assisted Supply Chain Attack Targets GitHub
/in General NewsPRT-scan is the second in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.
darkreading – Read More
Fortinet Issues Emergency Patch for FortiClient Zero-Day
/in General NewsThe authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.
darkreading – Read More
This is the lowest price on an M5 MacBook Air I’ve seen – and it launched a month ago
/in General NewsOn Amazon, the 13-inch MacBook Air M5 currently starts at $950, luring Windows laptop users over to Apple’s ecosystem.
Latest news – Read More
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
/in General NewsAn Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East.
The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point.
“The campaign is primarily
The Hacker News – Read More