BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
‘Easily Exploitable’ Langflow Vulnerability Requires Immediate Patching
/in General NewsThe vulnerability, which has a CVSS score of 9.8, is under attack and allows threat actors to remotely execute arbitrary commands on servers running the agentic AI builder.
darkreading – Read More
Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years
/in General NewsNow the US director of national intelligence, Gabbard failed to follow basic cybersecurity practices on several of her personal accounts, leaked records reviewed by WIRED reveal.
Security Latest – Read More
DOD cyber policy nominee vows to ‘revaluate’ offensive cyber guardrails
/in General NewsKatie Sutton, nominated to serve as assistant secretary of defense for cyber policy, told lawmakers that the U.S. needs to be able to effectively respond to cyberattacks.
The Record from Recorded Future News – Read More
ClickFix Scam: How to Protect Your Business Against This Evolving Threat
/in General NewsCybercriminals aren’t always loud and obvious. Sometimes, they play it quiet and smart. One of the tricks of…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Two Hacks, One Empire: The Cyber Assaults Disney Didn’t See Coming
/in General NewsDisney was hit by two major 2024 cyberattacks, an ex-employee’s sabotage and a hacker’s AI trap, exposing internal…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
/in General NewsThreat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks.
The activity, first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025, involves the exploitation of two operating system command
The Hacker News – Read More
Applying the OODA Loop to Solve the Shadow AI Problem
/in General NewsBy taking immediate actions, organizations can ensure that shadow AI is prevented and used constructively where possible.
The post Applying the OODA Loop to Solve the Shadow AI Problem appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Warns 2 SonicWall Vulnerabilities Under Active Exploitation
/in General NewsThe vulnerabilities affect SonicWall’s SMA devices for secure remote access, which have been heavily targeted by threat actors in the past.
darkreading – Read More
Addressing the Top Cyber-Risks in Higher Education
/in General NewsAs attacks accelerate, security leaders must act to gain visibility across their entire institution’s network and systems and continuously educate their users on best practices.
darkreading – Read More
New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims
/in General NewsCybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity through traffic distribution systems (TDSes).
The activity clusters have been codenamed Reckless Rabbit and Ruthless Rabbit by DNS threat intelligence firm Infoblox.
The attacks have been observed to lure victims with bogus
The Hacker News – Read More