BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
European Organizations Have a Collaboration Security Confidence Gap
/in General NewsA new survey shows security leaders have an inflated sense of safety regarding their collaboration tools and platforms.
darkreading – Read More
8Layers Raises $2.9 Million for Identity Security Platform
/in General NewsThe Spanish startup has closed an extended pre-seed funding round two months after launching its digital identity protection platform.
The post 8Layers Raises $2.9 Million for Identity Security Platform appeared first on SecurityWeek.
SecurityWeek – Read More
GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
/in General NewsResearchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer’s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead.
The affected tools are Amazon Q Developer, Anthropic’s Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.
The Hacker News – Read More
Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
/in General NewsCybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains.
The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved the
The Hacker News – Read More
Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It
/in General NewsAsk an AI coding agent to scan open-source code for security holes, and it might run the attacker’s code on your own machine instead.
That is the finding in a proof-of-concept published Wednesday by the AI Now Institute, an attack it calls “Friendly Fire.” It works against Anthropic’s Claude Code and OpenAI’s Codex when either is running in an autonomous mode that approves its own
The Hacker News – Read More
Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices
/in General NewsTracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device’s web management interface.
The post Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Iris Recognition vs Fingerprint: Which Biometric Wins in 2026?
/in General NewsCompare iris recognition and fingerprint biometrics in 2026, from accuracy and speed to security, privacy, and where each technology works best.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Cash App owner to pay $45 million to settle allegations of lax security
/in General NewsState attorneys general announced the bipartisan agreement with Block, Inc. on Wednesday, saying that the company incorrectly promised users that Cash App offered the same protections as a bank.
The Record from Recorded Future News – Read More
‘I’m not a programmer’ anymore: Linus Torvalds on the only two tools he uses now
/in General NewsAt the Open Source Summit in Mumbai, Torvalds discusses the pain and power of AI in the kernel, and why Linux no longer supports ‘museum’ technology.
Latest news – Read More
Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours
/in General NewsThe attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
darkreading – Read More