BackBox News

Latest news and insights on Security

Attackers Hijack Exposed AI Endpoints to Power Offensive Ops

Attackers Hijack Exposed AI Endpoints to Power Offensive Ops

Attackers don’t need any special authentication to reach a target endpoint — they just need to know where it is.

darkreading – ​Read More

China-Linked Group Targets Southeast Asia Critical Systems

China-Linked Group Targets Southeast Asia Critical Systems

The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.

darkreading – ​Read More

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition.

The vulnerabilities are listed below –

CVE-2026-8451 (CVSS score: 8.8) – An insufficient input validation

The Hacker News – ​Read More

I brought a Bose, Sony, and JBL speaker to the beach – this one’s my new outdoor essential

All three brands make great Bluetooth speakers, but an unpredictable beach environment exposes their true strengths and weaknesses.

Latest news – ​Read More

How I turned my old Android phone into a dashcam for free – in 5 easy steps

Want a dashcam? Before buying one, repurpose an old phone. It’s free, takes minutes, and works well.

Latest news – ​Read More

Netflix vs. Peacock: I’ve subscribed to both streaming services for years – this one’s more worth it

Netflix has award-winning originals and a smart algorithm, but Peacock counters with live sports and a lower price.

Latest news – ​Read More

CIA chief highlights major shifts in agency’s tech approach

CIA chief highlights major shifts in agency’s tech approach

CIA Director John Ratcliffe said artificial intelligence capabilities are “akin to digital nuclear weapons.”

The Record from Recorded Future News – ​Read More

RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS

RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS

A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline.

Researchers at QiAnXin’s XLab have tracked it since February 2026, and say the real story is not how big it is today, but how fast it is changing.

The end goal is a

The Hacker News – ​Read More

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider.

The trick is that the agent never breaks a rule. Every step looks routine, so in a default setup no alarm may fire.

The work comes from Microsoft Incident Response and its

The Hacker News – ​Read More

Modern Enterprises: How to Evaluate the Security and Compliance of Office Software

Learn how modern businesses can judge office software for ISO 27001 certification, GDPR-aligned data handling, encryption, and safer PDF workflows with clarity.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.