BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Dell vs. Lenovo: I’ve tested dozens of laptops from both brands, and here’s my pick
/in General NewsDell and Lenovo specialize in PCs, laptops, and other computing products, but which one is better? This guide will help you make the right choice for your needs.
Latest news – Read More
In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner
/in General NewsOther noteworthy stories that might have slipped under the radar: US gov targets 72-hour patch cycles, malware uses Windows Phone Link to steal OTPs, spy operation targets Eurasian drone industry.
The post In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner appeared first on SecurityWeek.
SecurityWeek – Read More
One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches
/in General NewsThe hardest part of cybersecurity isn’t the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one “Patient Zero” infection.
In 2026, hackers are using AI to make these “first clicks” nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down
The Hacker News – Read More
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
/in General NewsA previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling.
“QLNX targets developers and DevOps credentials across the software supply chain,”
The Hacker News – Read More
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
/in General NewsThe hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply.
The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
SecurityWeek – Read More
AI Firm Braintrust Prompts API Key Rotation After Data Breach
/in General NewsHackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust.
The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
/in General NewsThe dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.
The dataset behind these findings includes 10 million monitored
The Hacker News – Read More
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
/in General NewsCybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called “darkworm.”
The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.
The Hacker News – Read More
Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom
/in General NewsA system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals.
The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Group Takes Credit for Trellix Hack
/in General NewsRansomHouse has published several screenshots to demonstrate access to internal Trellix services.
The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.
SecurityWeek – Read More