BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
/in General NewsA privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD).
“The attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement,” Akamai security researcher Yuval Gordon said in a
The Hacker News – Read More
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
/in General NewsA recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region.
The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary code on a
The Hacker News – Read More
Experts Chart Path to Creating Safer Online Spaces for Women
/in General NewsGaps in laws, technology, and corporate accountability continue to put women’s safety and privacy online at risk.
darkreading – Read More
Keeping LLMs on the Rails Poses Design, Engineering Challenges
/in General NewsDespite adding alignment training, guardrails, and filters, large language models continue to jump their imposed rails and give up secrets, make unfiltered statements, and provide dangerous information.
darkreading – Read More
Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
/in General NewsMarlboro-Chesterfield Pathology has been targeted by the SafePay ransomware group, which stole personal information from its systems.
The post Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
19-Year-Old Admits to PowerSchool Data Breach Extortion
/in General NewsA 19-year-old college student faces charges after pleading guilty to cyber extortion targeting PowerSchool, exposing data of 60…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Identity Security Has an Automation Problem—And It’s Bigger Than You Think
/in General NewsFor many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core identity workflows.
Core workflows, like
The Hacker News – Read More
Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
/in General NewsDespite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
The post Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
/in General NewsCisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center.
The post Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Signal’s new Windows update prevents the system from capturing screenshots of chats
/in General NewsSignal said today that it is updating its Windows app to prevent the system from capturing screenshots, thereby protecting the content that is on display. The company said that this new “screen security” setting is enabled by default on Windows 11. Signal said that this new feature is designed to protect users’ privacy from Microsoft’s […]
Security News | TechCrunch – Read More