BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
I test robot vacuums for a living, and these are the best Memorial Day deals right now
/in General NewsThis is one of the best times of the year to buy a robot vacuum, thanks to these Memorial Day deals.
Latest news – Read More
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
/in General NewsA new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL.
“Although the affected packages were all Composer packages, the malicious code was not added to composer.json,” Socket said. “Instead, it was inserted into package.json, targeting projects that ship JavaScript
The Hacker News – Read More
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
/in General NewsGitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation.
Called staged publishing, the feature is now generally available on npm. It mandates that a human maintainer pass a two-factor authentication (2FA) challenge to approve
The Hacker News – Read More
These special phone and app features can help protect you from spyware
/in General NewsApple, Meta, and Google offer special security modes that provide your devices more secure against targeted spyware attacks. Here are how those modes work, what they do, and how to switch them on.
Security News | TechCrunch – Read More
This rugged Windows tablet handles mud and rain – but didn’t impress with the basics
/in General NewsThe Getac G140 puts power in the hands of fire & rescue, automotive, and utility workers.
Latest news – Read More
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
/in General NewsAnthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most “systemically” important software across the world since the cybersecurity initiative went live last month.
Project Glasswing is an effort led by the artificial intelligence (AI) company, as part of which a small set of about 50 partners
The Hacker News – Read More
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
/in General NewsCybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers
/in General NewsPlus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more.
Security Latest – Read More
I joyfully reunited with my first Linux distro at the Virtual OS Museum
/in General NewsFeeling nostalgic? From Amiga Unix to XVM/RSX, anyone can run over 570 extinct OSes. Try it now on Linux, MacOS, or Windows.
Latest news – Read More
‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
/in General NewsThe stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic.
The post ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains appeared first on SecurityWeek.
SecurityWeek – Read More