BackBox.org News – Page 41 – Latest news and insights on Security

BackBox News

One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches

May 8, 2026/in General News

The hardest part of cybersecurity isn’t the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one “Patient Zero” infection.
In 2026, hackers are using AI to make these “first clicks” nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down

The Hacker News – Read More

Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise

May 8, 2026/in General News

A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling.
“QLNX targets developers and DevOps credentials across the software supply chain,”

The Hacker News – Read More

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants

May 8, 2026/in General News

The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply.

The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.

SecurityWeek – Read More

AI Firm Braintrust Prompts API Key Rotation After Data Breach

May 8, 2026/in General News

Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust.

The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.

SecurityWeek – Read More

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

May 8, 2026/in General News

The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.
The dataset behind these findings includes 10 million monitored

The Hacker News – Read More

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

May 8, 2026/in General News

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called “darkworm.”
The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.

The Hacker News – Read More

Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom

May 8, 2026/in General News

A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals.

The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.

SecurityWeek – Read More

Ransomware Group Takes Credit for Trellix Hack

May 8, 2026/in General News

RansomHouse has published several screenshots to demonstrate access to internal Trellix services.

The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.

SecurityWeek – Read More

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

May 8, 2026/in General News

The malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more.

The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek.

SecurityWeek – Read More

Meet Rassvet, Russia’s Answer to Starlink

May 8, 2026/in General News

With the launch of the first 16 satellites, Russia begins construction of a network for satellite internet that aims to cover the entire country by 2030. But getting there won’t be easy.

Security Latest – Read More

Company Blogs

Hacking Tools

[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]

Exploit DB

[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.

Click me

Make a Donation

BackBox News

One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches

Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants

AI Firm Braintrust Prompts API Key Rotation After Data Breach

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom

Ransomware Group Takes Credit for Trellix Hack

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

Meet Rassvet, Russia’s Answer to Starlink

Company Blogs

Major Cyber Attacks in May 2026: Fake Invitations, Agent Tesla, BlobPhish, and More

Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise

Breaking down the new Qualcomm chip vulnerability | Kaspersky official blog

The art of being ungovernable

Webworm: New burrowing techniques

ASCII art in phishing emails | Kaspersky official blog

Malicious TV boxes: how a cheap “SuperBox” turns your home into a proxy node for cybercriminals | Kaspersky official blog

The quest for greater tech independence

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

Tools for spotting and disabling AI systems in an enterprise

Hacking Tools

Exploit DB