BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
Exploit DB
- [webapps] Royal Elementor Addons and Templates 1.3.78 - Unauthenticated Arbitrary File Upload
- [webapps] Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)
- [webapps] Kubio AI Page Builder 2.5.1 - Local File Inclusion (LFI)
- [webapps] Next.js Middleware 15.2.2 - Authorization Bypass
- [webapps] IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow
- [remote] Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection
- [remote] Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)
- [remote] Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection
- [remote] Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)
- [remote] Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
LLMs & Malicious Code Injections: ‘We Have to Assume It’s Coming’
/in General NewsLarge language models promise to enhance secure software development life cycles, but there are unintended risks as well, CISO warns at RSAC.
darkreading – Read More
BigID Launches Industry-First Hybrid Scanning for Cloud Native Workloads
/in General NewsPost Content
darkreading – Read More
Introducing the NetBeacon Institute: Empowering a Safer Web
/in General NewsPost Content
darkreading – Read More
AXA XL Introduces Endorsement to Help Public Companies Address SEC Cyber Reporting Costs
/in General NewsPost Content
darkreading – Read More
AttackIQ Partners With Cyber Poverty Line Institute to Provide Academy Courses to Underserved Communities
/in General NewsPost Content
darkreading – Read More
RSA: Google Enhances its Enterprise SecOps Offerings With Gemini AI
/in General NewsIn this RSA roundup, we also cover AI news about IBM, AWS and Proofpoint, as well as details about Cisco Hypershield.
Security | TechRepublic – Read More
Top 7 Multicloud Security Providers for 2024
/in General NewsThere are a lot of considerations when adopting a multicloud infrastructure. Use our guide to compare the top multicloud security providers.
Security | TechRepublic – Read More
Google Steps Up The Battle Against Gmail Spam
/in General NewsAdditional enforcement means non-compliant email may be delivered to spam folders. Here’s what Google Workspace administrators and Gmail users need to know.
Security | TechRepublic – Read More
HijackLoader Evolves with New Evasion Techniques
/in General NewsHijackLoader is a modular malware loader that is used to deliver second-stage payloads including Amadey, Lumma Stealer, Racoon Stealer v2, and Remcos RAT. HijackLoader decrypts and parses a PNG image to load the next stage.
Cyware News – Latest Cyber News – Read More
NiceCurl and TameCat Custom Backdoors Leveraged by Damselfly APT
/in General NewsThe Damselfly Advanced Persistent Threat (APT) group, also known as APT42, has been actively using custom backdoor variants, NiceCurl and TameCat, to infiltrate Windows machines.
Cyware News – Latest Cyber News – Read More