BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Ethereum’s Pivotal Role in Decentralized Finance Evolution
/in General NewsOnce upon a time, say, 2016, Ethereum was a curious new arrival in the crypto space. It promised…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
LLMs are on their way to becoming our greatest security vulnerability
/in General NewsLLMs are currently transforming all fields and are being weaponized by cyber attackers. In a brief span of time, GenAI has left its mark on cybersecurity as well. While gaining traction, its use in software development unfortunately has a detrimental effect on each iteration. Security is often overlooked in generated code, leading to more vulnerabilities than in intentionally secure code.
Source
Alex Macra – Read More
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
/in General NewsCisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root user, allowing them to gain elevated privileges.
The vulnerability, tracked as CVE-2025-20309, carries a CVSS score
The Hacker News – Read More
Qantas Airlines Breached, Impacting 6M Customers
/in General NewsPassengers’ personal information was likely accessed via a third-party platform used at a call center, but didn’t include passport or credit card info.
darkreading – Read More
US Treasury Sanctions BPH Provider Aeza Group
/in General NewsIn the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
darkreading – Read More
Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing
/in General NewsA Russian APT known as “Gamaredon” is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.
darkreading – Read More
Initial Access Broker Self-Patches Zero Days as Turf Control
/in General NewsA likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.
darkreading – Read More
Phishers built fake Okta and Microsoft 365 login sites with AI – here’s how to protect yourself
/in General NewsOkta researchers found hackers could make a phishing site with AI in just 30 seconds. Here’s how to protect your business.
Latest stories for ZDNET in Security – Read More
India’s Max Financial says hacker accessed customer data from its insurance unit
/in General NewsThe insurance giant is one of the largest insurers in India.
Security News | TechCrunch – Read More
China-linked hackers spoof big-name brand websites to steal shoppers’ payment info
/in General NewsThe campaign uses thousands of phishing websites that mimic the design and product listings of retailers like Apple, Nordstrom and Hermes to trick people into entering their credit card information.
The Record from Recorded Future News – Read More