BackBox News

Latest news and insights on Security

European Organizations Have a Collaboration Security Confidence Gap

European Organizations Have a Collaboration Security Confidence Gap

A new survey shows security leaders have an inflated sense of safety regarding their collaboration tools and platforms.

darkreading – ​Read More

8Layers Raises $2.9 Million for Identity Security Platform

The Spanish startup has closed an extended pre-seed funding round two months after launching its digital identity protection platform.

The post 8Layers Raises $2.9 Million for Identity Security Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer’s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead.

The affected tools are Amazon Q Developer, Anthropic’s Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.

The Hacker News – ​Read More

Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains.

The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved the

The Hacker News – ​Read More

Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker’s code on your own machine instead.

That is the finding in a proof-of-concept published Wednesday by the AI Now Institute, an attack it calls “Friendly Fire.” It works against Anthropic’s Claude Code and OpenAI’s Codex when either is running in an autonomous mode that approves its own

The Hacker News – ​Read More

Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices

Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device’s web management interface.

The post Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices appeared first on SecurityWeek.

SecurityWeek – ​Read More

Iris Recognition vs Fingerprint: Which Biometric Wins in 2026?

Compare iris recognition and fingerprint biometrics in 2026, from accuracy and speed to security, privacy, and where each technology works best.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

Cash App owner to pay $45 million to settle allegations of lax security

Cash App owner to pay $45 million to settle allegations of lax security

State attorneys general announced the bipartisan agreement with Block, Inc. on Wednesday, saying that the company incorrectly promised users that Cash App offered the same protections as a bank.

The Record from Recorded Future News – ​Read More

‘I’m not a programmer’ anymore: Linus Torvalds on the only two tools he uses now

At the Open Source Summit in Mumbai, Torvalds discusses the pain and power of AI in the kernel, and why Linux no longer supports ‘museum’ technology.

Latest news – ​Read More

Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours

Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours

The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.

darkreading – ​Read More

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.