BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Attackers Hijack Exposed AI Endpoints to Power Offensive Ops
/in General NewsAttackers don’t need any special authentication to reach a target endpoint — they just need to know where it is.
darkreading – Read More
China-Linked Group Targets Southeast Asia Critical Systems
/in General NewsThe group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.
darkreading – Read More
Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service
/in General NewsCitrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition.
The vulnerabilities are listed below –
CVE-2026-8451 (CVSS score: 8.8) – An insufficient input validation
The Hacker News – Read More
I brought a Bose, Sony, and JBL speaker to the beach – this one’s my new outdoor essential
/in General NewsAll three brands make great Bluetooth speakers, but an unpredictable beach environment exposes their true strengths and weaknesses.
Latest news – Read More
How I turned my old Android phone into a dashcam for free – in 5 easy steps
/in General NewsWant a dashcam? Before buying one, repurpose an old phone. It’s free, takes minutes, and works well.
Latest news – Read More
Netflix vs. Peacock: I’ve subscribed to both streaming services for years – this one’s more worth it
/in General NewsNetflix has award-winning originals and a smart algorithm, but Peacock counters with live sports and a lower price.
Latest news – Read More
CIA chief highlights major shifts in agency’s tech approach
/in General NewsCIA Director John Ratcliffe said artificial intelligence capabilities are “akin to digital nuclear weapons.”
The Record from Recorded Future News – Read More
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
/in General NewsA new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline.
Researchers at QiAnXin’s XLab have tracked it since February 2026, and say the real story is not how big it is today, but how fast it is changing.
The end goal is a
The Hacker News – Read More
Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data
/in General NewsNew Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider.
The trick is that the agent never breaks a rule. Every step looks routine, so in a default setup no alarm may fire.
The work comes from Microsoft Incident Response and its
The Hacker News – Read More
Modern Enterprises: How to Evaluate the Security and Compliance of Office Software
/in General NewsLearn how modern businesses can judge office software for ISO 27001 certification, GDPR-aligned data handling, encryption, and safer PDF workflows with clarity.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More