BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
How Pirated Software Turns Helpful Employees Into Malware Delivery Agents
/in General NewsEmployees seeking free versions of paid software may unknowingly install malware-laced “cracked” apps that can steal credentials, deploy cryptominers, or open the door to ransomware.
The post How Pirated Software Turns Helpful Employees Into Malware Delivery Agents appeared first on SecurityWeek.
SecurityWeek – Read More
LastPass Warns of New Phishing Campaign
/in General NewsThe attackers are sending out fake alerts claiming unauthorized access or master password changes.
The post LastPass Warns of New Phishing Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
Optimum will give you fiber internet for $25 a month – here’s how to qualify
/in General NewsOptimum’s new ‘$25 for 5’ offer locks in broadband internet at an affordable price. Here are the details.
Latest news – Read More
Global Coalition Publishes 6G Security and Resilience Principles
/in General NewsThe principles cover security, resilience against attacks and disasters, AI, and openness and interoperability.
The post Global Coalition Publishes 6G Security and Resilience Principles appeared first on SecurityWeek.
SecurityWeek – Read More
Critical FreeScout Vulnerability Leads to Full Server Compromise
/in General NewsA patch bypass for an authenticated code execution bug, the flaw leads to zero-click remote code execution attacks.
The post Critical FreeScout Vulnerability Leads to Full Server Compromise appeared first on SecurityWeek.
SecurityWeek – Read More
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
/in General NewsCybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.
The names of the packages are listed below –
nhattuanbl/lara-helper (37 Downloads)
nhattuanbl/simple-queue (29 Downloads)
nhattuanbl/lara-swagger (49 Downloads)
The Hacker News – Read More
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
/in General NewsCybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024.
“Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said
The Hacker News – Read More
VMware Aria Operations Vulnerability Exploited in the Wild
/in General NewsThe recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution.
The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild.
The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an
The Hacker News – Read More
Is that message spam or real? This Android trick helps you ID the scams
/in General NewsAre your chats and DMs flooded with scams? If you have a Pixel or Galaxy phone, Circle to Search can come to the rescue. Here’s how.
Latest news – Read More