BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
No feed items found.
Exploit DB
- [webapps] Loaded Commerce 6.6 - Client-Side Template Injection(CSTI) (AngularJS)
- [webapps] Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)
- [webapps] TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)
- [webapps] Gitea 1.24.0 - HTML Injection
- [local] VeeVPN 1.6.1 - Unquoted Service Path
- [webapps] Chamilo LMS 1.11.24 - Remote Code Execution (RCE)
How One AI Startup Founder Cornered Microsoft Into Finally Taking Down Explicit Videos of Her
/in General NewsBreeze Liu has been a prominent advocate for victims. But even she struggled to scrub nonconsensual intimate images and videos of herself from the web.
Security Latest – Read More
‘Darcula’ Phishing Kit Can Now Impersonate Any Brand
/in General NewsWith Version 3, would-be phishers can cut and paste a big brand’s URL into a template and let automation do the rest.
darkreading – Read More
Aqara’s first outdoor camera is this smart home enthusiast’s dream device – here’s why
/in General NewsCombining home security with hub capability, the Aqara Camera Hub G5 Pro also delivers AI-powered visual recognition features – all without a subscription.
Latest stories for ZDNET in Security – Read More
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
/in General NewsCitrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions.
The vulnerability, tracked as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0
It has been described as a case of improper privilege management that could
The Hacker News – Read More
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
/in General NewsMicrosoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild.
The vulnerabilities are listed below –
CVE-2025-21355 (CVSS score: 8.6) – Microsoft Bing Remote Code Execution Vulnerability
CVE-2025-24989 (CVSS score: 8.2) – Microsoft Power Pages Elevation of Privilege Vulnerability
”
The Hacker News – Read More
DOGE Now Has Access to the Top US Cybersecurity Agency
/in General NewsDOGE technologists Edward Coristine—the 19-year-old known online as “Big Balls”—and Kyle Schutt are now listed as staff at the Cybersecurity and Infrastructure Security Agency.
Security Latest – Read More
Australian Critical Infrastructure Faces ‘Acute’ Foreign Threats
/in General NewsThe continent faces “relentless” military espionage, and increased cyber sabotage at the hands of authoritarian regimes, according to a high-ranking intelligence director.
darkreading – Read More
Russian Groups Target Signal Messenger in Spy Campaign
/in General NewsThese sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says.
darkreading – Read More
Insight Partners, VC Giant, Falls to Social Engineering
/in General NewsThe startup incubator and PR firm with holdings in more than 70 cybersecurity firms has announced a data breach with as-yet-unknown effects.
darkreading – Read More
Recent Ghost/Cring ransomware activity prompts alert from FBI, CISA
/in General NewsA ransomware group known as Ghost has been exploiting vulnerabilities in software and firmware as recently as January, according to an alert issued Wednesday by the FBI and Cybersecurity and Infrastructure Security Agency (CISA).
The Record from Recorded Future News – Read More