BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
The Promise and Peril of Digital Security in the Age of Dictatorship
/in General NewsLGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks.
Security Latest – Read More
China Linked Houken Hackers Breach French Systems with Ivanti Zero Days
/in General NewsANSSI report details the Chinese UNC5174 linked Houken cyberattack using Ivanti zero-days (CVE-2024-8190, 8963, 9380) against the French government, defence and finance sector.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ethereum’s Pivotal Role in Decentralized Finance Evolution
/in General NewsOnce upon a time, say, 2016, Ethereum was a curious new arrival in the crypto space. It promised…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
LLMs are on their way to becoming our greatest security vulnerability
/in General NewsLLMs are currently transforming all fields and are being weaponized by cyber attackers. In a brief span of time, GenAI has left its mark on cybersecurity as well. While gaining traction, its use in software development unfortunately has a detrimental effect on each iteration. Security is often overlooked in generated code, leading to more vulnerabilities than in intentionally secure code.
Source
Alex Macra – Read More
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
/in General NewsCisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root user, allowing them to gain elevated privileges.
The vulnerability, tracked as CVE-2025-20309, carries a CVSS score
The Hacker News – Read More
Qantas Airlines Breached, Impacting 6M Customers
/in General NewsPassengers’ personal information was likely accessed via a third-party platform used at a call center, but didn’t include passport or credit card info.
darkreading – Read More
US Treasury Sanctions BPH Provider Aeza Group
/in General NewsIn the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
darkreading – Read More
Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing
/in General NewsA Russian APT known as “Gamaredon” is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.
darkreading – Read More
Initial Access Broker Self-Patches Zero Days as Turf Control
/in General NewsA likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.
darkreading – Read More
Phishers built fake Okta and Microsoft 365 login sites with AI – here’s how to protect yourself
/in General NewsOkta researchers found hackers could make a phishing site with AI in just 30 seconds. Here’s how to protect your business.
Latest stories for ZDNET in Security – Read More