BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
No feed items found.
Exploit DB
- [webapps] AppSmith 1.47 - Remote Code Execution (RCE)
- [remote] Vite 6.2.2 - Arbitrary File Read
- [webapps] ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
- [remote] Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
- [webapps] Webmin Usermin 2.100 - Username Enumeration
- [local] ollama 0.6.4 - Server Side Request Forgery (SSRF)
- [webapps] Nagios Log Server 2024R1.3.1 - Stored XSS
- [webapps] ABB Cylon Aspect 3.07.02 - File Disclosure (Authenticated)
- [webapps] ABB Cylon Aspect 3.08.01 - Remote Code Execution
- [webapps] Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS
Man Jailed 24 Years for Running Dark Web CSAM Sites from Coffee Shop
/in General NewsLouis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Ransomware Group Takes Credit for Lee Enterprises Attack
/in General NewsThe Qilin ransomware gang claims to have stolen 350 Gb of files from Lee Enterprises in the attack that caused newspaper disruptions.
The post Ransomware Group Takes Credit for Lee Enterprises Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
/in General NewsThe threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant.
Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a “strong resemblance” to Awaken Likho (aka Core Werewolf, GamaCopy, and
The Hacker News – Read More
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
/in General NewsA dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication.
The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices to their users.
Truffle
The Hacker News – Read More
Microsoft Names Suspects in Lawsuit Against AI Hackers
/in General NewsIn a lawsuit targeting cybercriminals who abuse AI services, Microsoft has named individuals from Iran, the UK, China and Vietnam.
The post Microsoft Names Suspects in Lawsuit Against AI Hackers appeared first on SecurityWeek.
SecurityWeek – Read More
Targeted by Ransomware, Middle East Banks Shore Up Security
/in General NewsAs the UAE financial sector finished up its annual cyberattack exercise, its worries about ransomware compromises and geopolitical attacks are on the rise.
darkreading – Read More
GHOSTR Hacker Linked to 90+ Data Breaches Arrested
/in General NewsA hacker using the alias GHOSTR, linked to 90+ data breaches, was arrested in a joint effort by law enforcement in Thailand, Singapore, and cybersecurity firm Group-IB.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
eCommerce Customer Service Tips For Online Support: The Basics
/in General NewsStrong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Nakivo Fixes Critical Flaw in Backup & Replication Tool
/in General NewsThe vendor’s products fall in a category that ransomware operators like to target to circumvent victims’ ability to recover from a successful attack.
darkreading – Read More
How to Use Slack for Business: Workplace Communication
/in General NewsDo you want to have the best communication system at your workplace? Learn how to maximize the benefits…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More