BackBox.org News – Page 72 – Latest news and insights on Security

BackBox News

Chrome to Distrust Chunghwa Telecom and Netlock Certificates

June 2, 2025/in General News

Patterns of concerning behavior led Google to remove trust in certificates from Chunghwa Telecom and Netlock from Chrome.

The post Chrome to Distrust Chunghwa Telecom and Netlock Certificates appeared first on SecurityWeek.

SecurityWeek – Read More

Backdoors in Python and NPM Packages Target Windows and Linux

June 2, 2025/in General News

Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More

Technical Details Published for Critical Cisco IOS XE Vulnerability

June 2, 2025/in General News

The critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely.

The post Technical Details Published for Critical Cisco IOS XE Vulnerability appeared first on SecurityWeek.

SecurityWeek – Read More

US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles

June 2, 2025/in General News

Elected officials, business executives and other prominent figures in recent weeks received messages from someone impersonating Susie Wiles.

The post US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles appeared first on SecurityWeek.

SecurityWeek – Read More

Counter Antivirus Service AVCheck Shut Down by Law Enforcement

June 2, 2025/in General News

Counter antivirus services such as AVCheck allow cybercriminals to test whether their malware is detected by antivirus products.

The post Counter Antivirus Service AVCheck Shut Down by Law Enforcement appeared first on SecurityWeek.

SecurityWeek – Read More

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

June 2, 2025/in General News

Noteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of SilverRAT emerges online.

The post In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked appeared first on SecurityWeek.

SecurityWeek – Read More

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

June 2, 2025/in General News

Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia.
“In what appears to be a multi-stage phishing operation, the attackers

The Hacker News – Read More

Flowable’s Smart Automation Tools Are Reshaping How Enterprises Operate in 2025

June 1, 2025/in General News

As more businesses face pressure to do more with fewer resources, automation platforms like Flowable are becoming central…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More

When your LLM calls the cops: Claude 4’s whistle-blow and the new agentic AI risk stack

June 1, 2025/in General News

Claude 4’s “whistle-blow” surprise shows why agentic AI risk lives in prompts and tool access, not benchmarks. Learn the 6 controls every enterprise must adopt.Read More

Security News | VentureBeat – Read More

Interlock Ransomware Deploys New NodeSnake RAT in UK Attacks

May 31, 2025/in General News

Quorum Cyber identifies two new NodeSnake RAT variants, strongly attributed to Interlock ransomware, impacting UK higher education and local government.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More

Company Blogs

Hacking Tools

Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
Source: KitPloit Published on 2025-05-11
Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
Source: KitPloit Published on 2025-05-11
Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
Source: KitPloit Published on 2025-05-09
ByeDPIAndroid - App To Bypass Censorship On Android
Source: KitPloit Published on 2025-05-08
API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
Source: KitPloit Published on 2025-05-07
Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
Source: KitPloit Published on 2025-05-06
Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
Source: KitPloit Published on 2025-05-05
CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
Source: KitPloit Published on 2025-05-04
Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
Source: KitPloit Published on 2025-05-03
SubGPT - Find Subdomains With GPT, For Free
Source: KitPloit Published on 2025-05-02

Exploit DB

[webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
Source: Exploit DB Published on 2025-07-02
[remote] Microsoft SharePoint 2019 - NTLM Authentication
Source: Exploit DB Published on 2025-07-02
[remote] gogs 0.13.0 - Remote Code Execution (RCE)
Source: Exploit DB Published on 2025-07-02
[remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Source: Exploit DB Published on 2025-07-02
[webapps] Sitecore 10.4 - Remote Code Execution (RCE)
Source: Exploit DB Published on 2025-06-26
[remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
Source: Exploit DB Published on 2025-06-26
[webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
Source: Exploit DB Published on 2025-06-26
[remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
Source: Exploit DB Published on 2025-06-26
[remote] freeSSHd 1.0.9 - Denial of Service (DoS)
Source: Exploit DB Published on 2025-06-26
[remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Source: Exploit DB Published on 2025-06-26

BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.

Click me

Make a Donation

BackBox News

Chrome to Distrust Chunghwa Telecom and Netlock Certificates

Backdoors in Python and NPM Packages Target Windows and Linux

Technical Details Published for Critical Cisco IOS XE Vulnerability

US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles

Counter Antivirus Service AVCheck Shut Down by Law Enforcement

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

Flowable’s Smart Automation Tools Are Reshaping How Enterprises Operate in 2025

When your LLM calls the cops: Claude 4’s whistle-blow and the new agentic AI risk stack

Interlock Ransomware Deploys New NodeSnake RAT in UK Attacks

Company Blogs

How to get into cybersecurity | Unlocked 403 cybersecurity podcast (S2E3)

Task scams: Why you should never pay to get paid

How government cyber cuts will affect you and your business

A message from Bruce the mechanical shark

Best travel apps: maps, taxis, food, internet | Kaspersky official blog

Release Notes: Detonation Actions, Enhanced QR Extraction, and 1,400+ New Detection Rules

A Guide to Developing Security-First Culture Powered by Threat Intelligence

PDFs: Portable documents, or perfect deliveries for phish?

The top-five funny school, social media, and IoT hacks | Kaspersky official blog

DEVMAN Ransomware: Analysis of New DragonForce Variant

Hacking Tools

Exploit DB