BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
CISA Is Shrinking: What Does It Mean for Cyber?
/in General NewsDark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecurity and Infrastructure Security Agency.
darkreading – Read More
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
/in General NewsNew research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications.
Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse.
First disclosed by
The Hacker News – Read More
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing
/in General NewsThe emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan.
darkreading – Read More
Anthropic just made every Claude user a no-code app developer
/in General NewsAnthropic transforms Claude AI into a no-code app development platform with 500 million user-created artifacts, intensifying competition with OpenAI’s Canvas feature as AI companies battle for developer supremacy.Read More
Security News | VentureBeat – Read More
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
/in General NewsThe servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.
darkreading – Read More
Ransomware attack contributed to patient’s death, says Britain’s NHS
/in General NewsA cybercrime group’s attack against a London-based pathology service last year was one of the “contributing factors” in the death of a patient, U.K. officials said.
The Record from Recorded Future News – Read More
Enterprises must rethink IAM as AI agents outnumber humans 10 to 1
/in General NewsIdentity is the essential control plane for agentic AI security, redefining enterprise defenses amid rising credential-based breaches.Read More
Security News | VentureBeat – Read More
French police reportedly arrest suspected BreachForums administrators
/in General NewsSeveral suspects tied to the cybercrime site BreachForums have been arrested in France, according to a local news report, including alleged administrators known as ShinyHunters and Intelbroker.
The Record from Recorded Future News – Read More
Thousands of SaaS Apps Could Still Be Susceptible to nOAuth
/in General NewsNew research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023.
The post Thousands of SaaS Apps Could Still Be Susceptible to nOAuth appeared first on SecurityWeek.
SecurityWeek – Read More
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
/in General NewsCybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions.
The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January
The Hacker News – Read More