LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge.
The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could be exploited to modify the underlying
The Hacker News – Read More
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
Chris Inglis was the head civilian in charge at the NSA when the Snowden leak exploded. He gets candid about mistakes the organization made, and what CISOs need to know about spotting potential threats, media disclosures, and “enculturation.”
darkreading – Read More
New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords
Forcepoint’s X-Labs reports an 11-step DHL phishing scam that uses fake OTP codes and EmailJS to harvest user credentials and device telemetry.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns.
Security Archives – TechRepublic – Read More
Decoding Q1 2026’s $152.9 Billion Crypto Custody Concentration
Crypto Custody Concentration hits $152.9B as institutions shift to derivatives, consolidating capital on top exchanges amid Q1 market slowdown.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
darkreading – Read More
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single “git push” command.
The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve
The Hacker News – Read More
Microsoft finally open sources DOS 1.0 – and it’s so much more than the code
Want a blast from the past? Microsoft just open-sourced its very first operating system, offering a rare insight into the PC’s earliest days.
Latest news – Read More
Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
Boards may ignore alerts, but they listen to losses: new data from Resilience links security gaps directly to financial impact.
SecurityWeek – Read More
Vidar Rises to Top of Chaotic Infostealer Market
The malware has filled the gap created by last year’s law enforcement takedowns of Lumma and Rhadamanthys.
darkreading – Read More