BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats
/in General NewsEclypsium researchers have demonstrated a BadCam attack against Lenovo cameras, but others may be impacted as well.
The post BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats appeared first on SecurityWeek.
SecurityWeek – Read More
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately
/in General NewsThe maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability.
Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been described as a case of path traversal affecting the Windows version of the tool that could be exploited to obtain arbitrary code execution by crafting malicious archive files.
“When extracting a file,
The Hacker News – Read More
I tested GPT-5’s coding skills, and it was so bad that I’m sticking with GPT-4o (for now)
/in General NewsIn my latest coding benchmark, GPT-5 stumbled badly, delivering broken plugins, flawed scripts, and confidence-laden wrong answers that could derail projects without careful human oversight. Here’s what to know before you use it.
Latest news – Read More
Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere
/in General NewsSecurity researcher Eaton Zveare told TechCrunch that the flaws he discovered in the carmaker’s centralized dealer portal exposed vast access to customer and vehicle data. With this access, Zveare said he could remotely take over a customer’s account and unlock their cars, and more.
Security News | TechCrunch – Read More
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP
/in General NewsA novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct power distributed denial-of-service (DDoS) attacks.
The approach has been codenamed Win-DDoS by SafeBreach researchers Or Yair and Shahak Morag, who presented their findings at the DEF CON 33 security conference today.
“As we
The Hacker News – Read More
Bouygues Telecom Hit by Cyberattack, 6.4 Million Customers Affected
/in General NewsA cyberattack on Bouygues Telecom exposed data for 6.4 million customers. Find out what information was compromised and…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation
/in General NewsCybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft’s Windows Remote Procedure Call (RPC) communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server.
The vulnerability, tracked as CVE-2025-49760 (CVSS score: 3.5), has been described by the tech giant as a Windows Storage spoofing bug
The Hacker News – Read More
After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake
/in General NewsSecurity researchers are now sounding the alarm on a new SMS text message fraud operation, which is surging in popularity — and its ability to steal people’s credit cards — since the demise of its predecessor.
Security News | TechCrunch – Read More
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data
/in General NewsAgentFlayer is a critical vulnerability in ChatGPT Connectors. Learn how this zero-click attack uses indirect prompt injection to…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
I’ve tested every iPad sold by Apple right now – here’s the model I recommend most
/in General NewsApple’s 11th-generation iPad is still the best and most accessible tablet to date. And at this price, it makes the Pro that much harder to justify.
Latest news – Read More