BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Netflix just added free party games to your subscription – here’s how to play
/in General NewsThe streaming giant has had video games for years, but these new ones are different. See what’s coming.
Latest news – Read More
Commentary Section Launches New, More Opinionated Era
/in General NewsDark Reading is looking for leading industry experts with a point of view they want to share with the rest of the cybersecurity community for our new Commentary section.
darkreading – Read More
Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign
/in General NewsGreyNoise has discovered that attacks exploiting Cisco, Fortinet, and Palo Alto Networks vulnerabilities are launched from the same infrastructure.
The post Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
/in General NewsFortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that’s assessed to have come under active exploitation since at least September 11, 2025.
The company said it began its investigation on September 11 following a “potential vulnerability” reported by a customer, uncovering “potentially suspicious
The Hacker News – Read More
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
/in General NewsCybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign.
The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and energy
The Hacker News – Read More
RondoDox Botnet Takes ‘Exploit Shotgun’ Approach
/in General NewsThe botnet packs over 50 exploits targeting unpatched routers, DVRs, NVRs, CCTV systems, servers, and other network devices.
The post RondoDox Botnet Takes ‘Exploit Shotgun’ Approach appeared first on SecurityWeek.
SecurityWeek – Read More
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?
/in General NewsThe SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt.
But not all AI SOC platforms are created equal.
From prompt-dependent copilots to autonomous, multi-agent systems, the current market offers
The Hacker News – Read More
Juniper Networks Patches Critical Junos Space Vulnerabilities
/in General NewsPatches were rolled out for more than 200 vulnerabilities in Junos Space and Junos Space Security Director, including nine critical-severity flaws.
The post Juniper Networks Patches Critical Junos Space Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities
/in General NewsThe unpatched vulnerabilities allow attackers to execute arbitrary code remotely and escalate their privileges.
The post ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
/in General NewsCybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products.
The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows unintended disclosure of system files. It impacts all versions of the software prior to and
The Hacker News – Read More