BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
/in General NewsA newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out.
Bad Epoll sits in the same small stretch of kernel code where Anthropic’s most powerful AI model, Mythos, recently found a different bug.
The AI caught one flaw and missed
The Hacker News – Read More
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
/in General NewsCybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls.
Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under one
The Hacker News – Read More
FBI Seizes NetNut Domains as Google Disrupts 2M Device Proxy Network
/in General NewsFBI and Google disrupt NetNut after domains linked to its residential proxy network are seized, exposing abuse of 2 million TVs and streaming devices worldwide.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
This GoPro Hero13 Black Action bundle is $100 off (and it’s perfect for documenting summer adventures)
/in General NewsYou can pick up a GoPro camera bundle for under $400 at Best Buy during the July 4th weekend.
Latest news – Read More
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
/in General NewsThreat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft.
According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic the legitimate “rollup-plugin-polyfill-node” project, down to the description, repository metadata, and
The Hacker News – Read More
My canvas art TV gets endless compliments, and it’s cheaper than Samsung’s Frame TV
/in General NewsThe Hisense Canvas Art TV is on sale for $350 off during July 4th weekend.
Latest news – Read More
In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting
/in General NewsNoteworthy stories that might have slipped under the radar: Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in the US over ATM jackpotting.
The post In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting appeared first on SecurityWeek.
SecurityWeek – Read More
Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
/in General NewsA previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan.
“Armored Likho blends financially motivated campaigns targeting private individuals with targeted cyber espionage aimed at organizations,” Kaspersky said in a technical analysis published today. ”
The Hacker News – Read More
This E Ink tablet replaced my iPad and Kindle – and it’s 30% off on Amazon right now
/in General NewsIf you’re in the market for a tablet, look no further than the TCL Nxtpaper 11 Plus, especially at this price for the Fourth of July.
Latest news – Read More
Chinese LLMs Broaden the Gap Between Attackers & Defenders
/in General NewsTwo new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?
darkreading – Read More