BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
/in General NewsCybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and PFX certificates.
According to Socket, versions 2.0.0 through 2.0.4 of “Sicoob.Sdk” contain functionality to exfiltrate sensitive information, including PFX certificates that are used to
The Hacker News – Read More
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
/in General NewsThe North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026.
“Kimsuky employed a range of tailored social engineering tactics, such as spoofing security software installation pages and crafting a fake Webex meeting page that leveraged
The Hacker News – Read More
Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard
/in General NewsThe AI company’s Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have this malware installed?
Latest news – Read More
AI Model Release Tracker: Opus 4.8’s misalignment rates similar to Claude Mythos Preview
/in General NewsNot every new model is all it’s cracked up to be. Our tracker keeps each release in context with its peers, so you know which models are worth your time.
Latest news – Read More
ShinyHunters Alleges 42M Records Stolen from Charter Communications
/in General NewsCharter confirmed a cyber incident after ShinyHunters claimed it stole Spectrum customer data through vishing and SaaS account access.
The post ShinyHunters Alleges 42M Records Stolen from Charter Communications appeared first on TechRepublic.
Security Archives – TechRepublic – Read More
Hackers are trying to steal Signal users’ backups in new wave of phishing attacks
/in General NewsA new hacking campaign is trying to trick Signal users to give up their secret recovery key, which can be used to access online backups containing past messages.
Security News | TechCrunch – Read More
Dutch Raid Fails to Dent Russian Bulletproof Host
/in General NewsDutch law enforcement seized 800 servers and arrested two operators of THE.Hosting but left the hosting provider’s core IP address space intact.
darkreading – Read More
Name That Toon Contest
/in General NewsPost Content
darkreading – Read More
The Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They Are
/in General NewsThe US military has long known that cheap fixes could stop location data from exposing its troops. It adopted almost none—and now says adversaries are using the data to target soldiers during a war.
Security Latest – Read More
Geordie Raises $30 Million for AI Security and Governance Platform
/in General NewsThe funding round was led by Balderton Capital, with additional support from Crosspoint Capital and previous investors General Catalyst and Ten Eleven Ventures.
The post Geordie Raises $30 Million for AI Security and Governance Platform appeared first on SecurityWeek.
SecurityWeek – Read More