BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
I tested Motorola’s $1,500 Razr Ultra, and it’s so close to being my dream flip phone
/in General NewsThe 2026 Razr Ultra delivers major hardware upgrades while maintaining the same stylish design it’s known for. Too bad it’s overpriced.
Latest news – Read More
The Flipper One is a full-on Linux cyberdeck that solves my biggest Raspberry Pi problem
/in General NewsIf you love your Flipper Zero, you’re really going to flip over the new Flipper One.
Latest news – Read More
Content Delivery Exploit Opens Websites to Brand Hijacking
/in General NewsThe Underminr domain-fronting attack allows threat actors to modify Web requests and leverage trusted websites to cloak malicious activity.
darkreading – Read More
When Identity is the Attack Path
/in General NewsConsider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have opened a path to some 98% of entities in the company’s cloud
The Hacker News – Read More
Socket Raises $60 Million at $1 Billion Valuation
/in General NewsThe company will invest in its firewall, certified patches, protection extensions, new products, and team expansion.
The post Socket Raises $60 Million at $1 Billion Valuation appeared first on SecurityWeek.
SecurityWeek – Read More
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
/in General NewsCVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution.
The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
/in General NewsGitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Security Latest – Read More
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
/in General NewsNew vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking.
The post Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility appeared first on SecurityWeek.
SecurityWeek – Read More
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
/in General NewsCybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years.
The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major
The Hacker News – Read More
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
/in General NewsGitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension.
The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its developers’ systems was hacked in the
The Hacker News – Read More