BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
/in General NewsThis week’s security news is mostly about weak spots.
Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through.
This is not one big break. It is small permissions, weak checks, open systems, and normal tools doing things they were allowed to do. That same pattern runs
The Hacker News – Read More
I’ve been reviewing laptops for years: These are the 15+ best July 4th laptop deals
/in General NewsThe Fourth of July weekend brings tons of sales on top laptops we’ve reviewed, from Apple, Acer, Lenovo, and more.
Latest news – Read More
ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
/in General NewsThe threat actor known as ToddyCat has been attributed to a new malware called Umbrij that’s designed to gain surreptitious access to a victim’s email correspondence via the Google API.
“In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail, targeting access compromise via APIs,” Kaspersky said in a detailed report published this week. ”
The Hacker News – Read More
HP’s new OmniBook is a smart buy in this economy – here’s what convinced me
/in General NewsHP’s OmniBook Ultra 14 combines a sleek design and OLED display with the kind of performance professionals appreciate.
Latest news – Read More
How to Conduct a Successful Audit of AI-Driven Software Development
/in General NewsAs AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production.
The post How to Conduct a Successful Audit of AI-Driven Software Development appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability
/in General NewsCISA says threat actors are exploiting a recently patched SharePoint remote code execution vulnerability (CVE-2026-45659).
The post CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Sysdig Details JADEPUFFER, the First Documented Agentic Ransomware Operation
/in General NewsA new Sysdig report traces how an LLM agent abused a Langflow flaw, stole credentials, reached production MySQL, and destroyed Nacos config data in minutes flat.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability
/in General NewsA PoC exploit has been available since public disclosure, and the first exploitation attempts were observed last week.
The post Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials
/in General NewsResearchers show how context manipulation can cause agentic browsers to abandon safety guardrails and exfiltrate sensitive credentials.
The post ‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials appeared first on SecurityWeek.
SecurityWeek – Read More
Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm
/in General NewsAnthropic said Tuesday night that its AI model called Claude Fable 5 is now widely available.
The post Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm appeared first on SecurityWeek.
SecurityWeek – Read More