BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware
/in General NewsThe financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that’s targeting Web3 developers to infect them with information stealer malware.
“LARVA-208 has evolved its tactics, using fake AI platforms (e.g., Norlax AI, mimicking Teampilot) to lure victims with job offers or portfolio review requests,” Swiss cybersecurity
The Hacker News – Read More
SquidLoader Malware Campaign Hits Hong Kong Financial Firms
/in General NewsTrellix exposes SquidLoader malware targeting Hong Kong, Singapore, and Australia’s financial service institutions. Learn about its advanced evasion tactics and stealthy attacks.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available
/in General NewsEnterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.
The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Groups Launder $580M in India Using Fake Apps and Mule Accounts
/in General NewsCloudSEK’s new report uncovers how Chinese cyber syndicates are laundering over $600 million annually in India. Learn about…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
/in General NewsA critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign.
The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday
The Hacker News – Read More
Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
/in General NewsCybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens.
The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.
The list of affected
The Hacker News – Read More
This Apple Watch model is my favorite and I use it daily – right now, it’s over 30% off
/in General NewsI love the Apple Watch SE (2nd Gen) for its basic features and fair price, and it’s currently on sale at Walmart.
Latest news – Read More
Apple’s latest iPad hit a new low price at Walmart – and it’s available in every color
/in General NewsApple’s 11th-generation iPad is available for $50 off. This deal applies to every color and storage size option.
Latest news – Read More
Microsoft says it will no longer use engineers in China for Department of Defense work
/in General NewsFollowing a Pro Publica report that Microsoft was using engineers in China to help maintain cloud computing systems for the U.S. Department of Defense, the company said it’s made changes to ensure this will no longer happen.
Security News | TechCrunch – Read More
At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds
/in General NewsOf those, more than 200 appear to have had outages of services related to patient care following CrowdStrike’s disastrous crash, researchers have revealed.
Security Latest – Read More