BackBox.org News – Page 712 – Latest news and insights on Security

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack

May 7, 2025/in General News

Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”.

The post Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack appeared first on SecurityWeek.

SecurityWeek – Read More

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

May 7, 2025/in General News

Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges.
The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is

The Hacker News – Read More

AppSignal Raises $22 Million for Application Monitoring Solution

May 7, 2025/in General News

Application performance monitoring provider AppSignal has raised $22 million in a Series A funding round led by Elsewhere Partners.

The post AppSignal Raises $22 Million for Application Monitoring Solution appeared first on SecurityWeek.

SecurityWeek – Read More

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

May 7, 2025/in General News

Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States.
The attack, per the Symantec Threat Hunter Team, part of Broadcom, leveraged CVE-2025-29824, a privilege escalation flaw in the Common Log File System (CLFS) driver. It was patched by

The Hacker News – Read More

Ox Security lands a fresh $60M to scan for vulnerabilities in code

May 7, 2025/in General News

As “vibe coding” gains in popularity and tech companies push devs in their employ to embrace generative AI tools, a platform that scans for vulnerabilities in AI-generated code has raised a fresh round of funding. Ox Security, which models risk across both AI- and human-produced code, on Wednesday announced that it closed a $60 million […]

Security News | TechCrunch – Read More

Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day

May 7, 2025/in General News

At least two ransomware groups exploited the Windows zero-day CVE-2025-29824 before it was patched by Microsoft.

The post Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day appeared first on SecurityWeek.

SecurityWeek – Read More

US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations

May 7, 2025/in General News

The US government warns of threat actors targeting ICS/SCADA systems at oil and natural gas organizations.

The post US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations appeared first on SecurityWeek.

SecurityWeek – Read More

Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times

May 7, 2025/in General News

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan.
The package in question is discordpydebug, which was uploaded to PyPI on March 21, 2022. It has been downloaded 11,574 times and continues to be available on the open-source registry.

The Hacker News – Read More