BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
AI ‘Nudify’ Websites Are Raking in Millions of Dollars
/in General NewsMillions of people are accessing harmful AI “nudify” websites. New analysis says the sites are making millions and rely on tech from US companies.
Security Latest – Read More
Hackers Inject Malware Into Gravity Forms WordPress Plugin
/in General NewsTwo Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack.
The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
SecurityWeek – Read More
CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center
/in General NewsIndia’s Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out “sophisticated” tech support scams targeting citizens of Australia and the United Kingdom.
The fraudulent scheme is estimated to have led to losses worth more than £390,000 ($525,000) in the United Kingdom alone.
The law
The Hacker News – Read More
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
/in General NewsCybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks.
The issues impact the Kigen eUICC card. According to the Irish company’s website, more than two billion SIMs in IoT devices have been enabled as of December 2020.
The findings come from Security Explorations, a research lab
The Hacker News – Read More
Thirteen Romanians Arrested for Phishing the UK’s Tax Service
/in General NewsInvestigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi.
The post Thirteen Romanians Arrested for Phishing the UK’s Tax Service appeared first on SecurityWeek.
SecurityWeek – Read More
Your Simple Guide: How to Use Filmora’s Planar Tracker for Awesome Video Edits
/in General NewsEasily stick logos, text, or graphics onto moving surfaces with Filmora’s planar tracker. Just read this article to know how!
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Critical Vulnerability Exposes Fortinet FortiWeb to Full Takeover (CVE-2025-25257)
/in General NewsWatchTowr Labs reveals CVE-2025-25257, a critical FortiWeb SQL injection allowing unauthenticated remote code execution. Patch your FortiWeb 7.0,…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
/in General NewsNVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs).
“Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings,” the GPU maker said in an advisory released this week.
Dubbed
The Hacker News – Read More
Grok-4 Falls to a Jailbreak Two days After Its Release
/in General NewsThe latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak.
The post Grok-4 Falls to a Jailbreak Two days After Its Release appeared first on SecurityWeek.
SecurityWeek – Read More
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
/in General NewsCybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications.
“Laravel’s APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub),” GitGuardian said. “If attackers get access to this key, they can exploit a deserialization flaw to
The Hacker News – Read More