BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
/in General NewsThreat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner.
The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)
The Hacker News – Read More
New EvilTokens Attack Exposes Browser Visibility Gap in Enterprise SOCs
/in General NewsEvilTokens phishing hides takeover clues until browser execution leaving SOC teams needing deeper visibility to validate threats faster and reduce account risk.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Reflectiz to Host Webinar, Joined by Taboola, on Securing Third-Party Marketing in the AI Era
/in General NewsBoston, Massachusetts, 30th June 2026, CyberNewswire
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Hackers Use Fake FIFA World Cup 2026 T-Shirt Offers to Spread Voidrift Malware
/in General NewsA fake FIFA World Cup 2026 T-shirt giveaway scam is spreading Voidrift malware through personalized emails using company logos and trusted websites to bypass security filters.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
NDSS Symposium Heads to Seoul in 2027 to Expand Global Cybersecurity Collaboration
/in General NewsDC, United States, 30th June 2026, CyberNewswire
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses
/in General NewsCybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction.
The cryptocurrency clipper activity has been codenamed Silent Swap by McAfee Labs.
“The campaign is delivered through unsigned installers – observed in both .NET and Golang variants – that
The Hacker News – Read More
Apple rushed to squash 29 bugs because AI is supercharging hackers – update ASAP
/in General NewsSoftware updates are rolling out now for iPhone, iPad, and Mac, bringing fixes that weren’t supposed to arrive so soon. Here’s why.
Latest news – Read More
BlueHammer Vulnerability Exploited in Ransomware Attacks
/in General NewsThe Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released.
The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
61% of US adults use AI for health information now – up from 2% in 2024
/in General NewsPatients are also three times more likely to trust AI in their doctor’s secure portal than a public chatbot.
Latest news – Read More
Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks
/in General NewsDecades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.
The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared first on SecurityWeek.
SecurityWeek – Read More