BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
/in General NewsA newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure.
The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites.
“The
The Hacker News – Read More
Nakasone on Cyber Command, NSA firings and the future of the ‘dual-hat’ relationship
/in General NewsNakasone said he didn’t know “what really occurred” and has not spoken to either Haugh or Noble since the presidential decisions were made, but he lauded both of them as “extraordinary leaders.”
The Record from Recorded Future News – Read More
Zero-Day in CentreStack File Sharing Platform Under Attack
/in General NewsGladinet’s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.
darkreading – Read More
US to sign Pall Mall pact aimed at countering spyware abuses
/in General NewsThe U.S. plans to sign an international agreement designed to govern the use of commercial spyware, the State Department said Thursday.
The Record from Recorded Future News – Read More
npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers
/in General NewsReversingLabs reveals a malicious npm package targeting Atomic and Exodus wallets, silently hijacking crypto transfers via software patching.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
AuthZEN Aims to Harmonize Fractured Authorization Controls
/in General NewsManaging permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.
darkreading – Read More
Ping Identity Doubles Down on Partner Strategy with New Partner Program and Advisory Board
/in General NewsPost Content
darkreading – Read More
Writer unveils ‘AI HQ’ platform, betting on agents to transform enterprise work
/in General NewsWriter unveils AI HQ platform to transform enterprise work with autonomous agents that execute complex workflows across systems, potentially reducing workforce needs while delivering measurable ROI on AI investments.Read More
Security News | VentureBeat – Read More
Open Source Poisoned Patches Infect Local Software
/in General NewsMalicious packages lurking on open source repositories like npm have become less effective, so cyberattackers are using a new strategy: offering “patches” for locally installed programs.
darkreading – Read More
Google Eyes User Browsing Data Search in New Patent Filing
/in General NewsTech giant Google may soon help users find content they’ve previously seen, not by searching the web but by scanning their own digital history.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More