BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
[wp-rss-aggregator feeds="kitploit" limit="10" pagination="off"]
Exploit DB
[wp-rss-aggregator feeds="exploit-db" limit="10" pagination="off"]
Latest news and insights on Security
Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability
/in General NewsThe Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access.
The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
/in General NewsCybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors.
“The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico Paulo
The Hacker News – Read More
Microsoft 365 Direct Send Abused for Phishing
/in General NewsHackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls.
The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.
SecurityWeek – Read More
‘Cyber Fattah’ Hacktivist Group Leaks Saudi Games Data
/in General NewsAs tensions in the Middle East rise, hacktivist groups are coming out of the woodwork with their own agendas, leading to notable shifts in the hacktivist threat landscape.
darkreading – Read More
How an Email, Crypto Wallet and YouTube Activity Led the FBI to IntelBroker
/in General NewsFBI tracked IntelBroker as UK’s Kai West using an email address, crypto trails, YouTube activity and forum posts after dozens of high-profile data breaches and darknet activity.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
‘IntelBroker’ Suspect Arrested, Charged in High-Profile Breaches
/in General NewsA British national arrested earlier this year in France was charged by the US Department of Justice in connection with a string of major cyberattacks.
darkreading – Read More
Scam compounds labeled a ‘living nightmare’ as Cambodian government accused of turning a blind eye
/in General NewsAmnesty International said it identified dozens of scam compounds in Cambodia, calling the government’s response to the nexus of cybercrime and human trafficking “grossly inadequate.”
The Record from Recorded Future News – Read More
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
/in General NewsCybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk.
“This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control
The Hacker News – Read More
Homeland Security warns of Iran-backed cyberattacks targeting US networks
/in General NewsDHS said low-level cyberattacks targeting U.S. networks are “likely” in the wake of military conflict between the US and Israel, and Iran.
Security News | TechCrunch – Read More
Bipartisan Bill Aims to Block Chinese AI From Federal Agencies
/in General NewsThe proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts.
The post Bipartisan Bill Aims to Block Chinese AI From Federal Agencies appeared first on SecurityWeek.
SecurityWeek – Read More