Smiths Group Scrambling to Restore Systems Following Cyberattack
Engineering firm Smiths Group has disclosed a cyberattack that forced it to take some systems offline and activate business continuity plans.
Source: SecurityWeek
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
“Due to a flaw in the multi-line SNMP result parser, authenticated users can inject
Source: The Hacker News
SimpleHelp Remote Access Software Exploited in Attacks
Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities.
Source: SecurityWeek
How Interlock Ransomware Infects Healthcare Organizations
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total.
This breach shows just how deeply ransomware
Source: The Hacker News
Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform
Frenos, a company that has developed an autonomous OT security assessment platform, has raised $3.88 million in seed funding.
Source: SecurityWeek
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access.
The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection.
“A malicious user with network access may be able to use specially crafted SQL queries to gain database
Source: The Hacker News
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild.
“Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration,” GreyNoise researcher Glenn Thorpe said in an alert
Source: The Hacker News
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents
The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE.
“This research focuses on completing the picture of UAC-0063’s operations, particularly documenting their expansion beyond their initial focus on Central Asia,
Source: The Hacker News
MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack
MGM Resorts International agreed to pay $45 million to settle multiple class action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023.
Source: The Record from Recorded Future News
OAuth Flaw Exposed Millions of Airline Users to Account Takeovers
The now-fixed vulnerability involved a major travel services company that’s integrated with dozens of airline websites worldwide.
Source: darkreading