BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
/in General NewsVeeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions.
The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.
“A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user,” the
The Hacker News – Read More
Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict
/in General NewsIran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region.
Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to
The Hacker News – Read More
Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach
/in General NewsThe company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.
darkreading – Read More
‘HoldingHands’ Acts Like a Pickpocket With Taiwan Orgs
/in General NewsSince at least January, the threat actor has been employing multiple malware tools to steal information for potential future attacks against Taiwanese businesses and government agencies.
darkreading – Read More
New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack
/in General NewsResearchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site.
The post New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Scattered Spider Aims at US Insurers After UK Retail Hit, Google Warns
/in General NewsScattered Spider targets US insurance firms after UK retail attacks, using social engineering to breach help desks and disrupt services, Google warns.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
/in General NewsA now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.
The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).
Google addressed the flaw later that month after Kaspersky reported in-the-wild
The Hacker News – Read More
Pro-Cambodian hacktivists launch attacks on Thai government sites amid border dispute
/in General NewsThe AnonsecKh group, which goes by Bl4ckCyb3r on Telegram, claimed at least 73 attacks on Thai organizations in the two weeks following a May 28 incident in which a Cambodian soldier was killed in a skirmish with Thai forces.
The Record from Recorded Future News – Read More
ChatGPT can now connect to MCP servers – here’s how, and what to watch for
/in General NewsEmployees can access company data through the chatbot. OpenAI cautions users to review their tools for sensitive information.
Latest stories for ZDNET in Security – Read More
Why SMS two-factor authentication codes aren’t safe and what to use instead
/in General NewsA million two-factor authentication codes sent via SMS passed through an obscure third-party company. Here’s how it happened and why it’s a problem.
Latest stories for ZDNET in Security – Read More