BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites
/in General NewsCybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
/in General NewsThe bill is expected to blanket ban companies and startups from selling people’s precise location data across the state.
Security News | TechCrunch – Read More
Instagram Glitch Reportedly Exposed Contact Info of Zuckerberg and Other Users
/in General NewsInstagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Silent Ransom Group Uses DNS Fast Flux in Attacks
/in General NewsFocusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure.
The post Silent Ransom Group Uses DNS Fast Flux in Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
/in General NewsA China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems.
The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with hacking groups known as Clay Typhoon (Microsoft),
The Hacker News – Read More
Instagram Recovery Tool Bug Exposed 20,225 Accounts to Password Reset Abuse
/in General NewsMeta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
174,000 Impacted by Lansing Community College Data Breach
/in General NewsHackers accessed personal information stored on certain Lansing Community College systems in February 2025.
The post 174,000 Impacted by Lansing Community College Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
OpenAI Rolling Out ChatGPT Account Security Controls
/in General NewsThe Active Sessions and Lockdown Mode features are being made more broadly available by the AI giant.
The post OpenAI Rolling Out ChatGPT Account Security Controls appeared first on SecurityWeek.
SecurityWeek – Read More
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
/in General NewsCybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026.
The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also known as
The Hacker News – Read More
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
/in General NewsMicrosoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats.
“When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an extra layer of protection
The Hacker News – Read More