BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
High-Severity Vulnerability Patched in VMware Fusion
/in General NewsThe patch was announced as Broadcom is attending the Pwn2Own hacking competition in Berlin this week.
The post High-Severity Vulnerability Patched in VMware Fusion appeared first on SecurityWeek.
SecurityWeek – Read More
10 Google Maps settings I immediately change on every new phone – and why
/in General NewsGoogle Maps is great right after install, but I like to tighten my privacy and enable a few features to make it better.
Latest news – Read More
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
/in General NewsCybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years.
The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a
The Hacker News – Read More
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
/in General NewsDetails have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks.
Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: 7.8) and is rooted in the Linux kernel’s XFRM
The Hacker News – Read More
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
/in General NewsYellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System.
The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek.
SecurityWeek – Read More
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
/in General NewsTeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
You may qualify for Amazon Prime at 50% off without even knowing – here’s how
/in General NewsThere are a couple of lesser-known ways to get Amazon Prime at a discount right now. I break down the details.
Latest news – Read More
I’m following the 60-60 rule for headphone listening, and my future self will thank me for it
/in General NewsWearing headphones every day has a greater effect on your ears than you might think. But your devices likely have features to help.
Latest news – Read More
Tables Turn on ‘The Gentlemen’ RaaS Gang With Data Leak
/in General NewsAn OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.
darkreading – Read More
Adobe Express vs Canva: Which design tool is better?
/in General NewsI tested Adobe Express and Canva to compare value and workflow fit so you can choose the right design tool for your needs.
Latest news – Read More