BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
- [local] Microsoft Excel Use After Free - Local Code Execution
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach
/in General NewsHackers leak data of 10,000 VirtualMacOSX customers in alleged breach, exposing names, emails, passwords, and financial details on a hacking forum.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
How to Monetize Unity Apps: Best Practices
/in General NewsUnity is one of the most popular game engines for mobile and cross-platform app development. It powers millions…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Anne Wojcicki’s nonprofit reaches deal to acquire 23andMe
/in General NewsBeleaguered genetic testing company 23andMe announced Friday that it has reached an agreement to sell itself to TTAM Research Institute, a nonprofit led by the company’s co-founder and former CEO Anne Wojcicki.
Security News | TechCrunch – Read More
Got a new password manager? How to clean up the password mess you left in the cloud
/in General NewsEvery major browser on every platform offers a way to save passwords and passkeys. If you use a third-party password manager, those built-in features can create a big mess. Here’s how to clean things up.
Latest stories for ZDNET in Security – Read More
RFK Jr. Orders HHS to Give Undocumented Migrants’ Medicaid Data to DHS
/in General NewsPlus: Spyware is found on two Italian journalists’ phones, Ukraine claims to have hacked a Russian aircraft maker, police take down major infostealer infrastructure, and more.
Security Latest – Read More
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
/in General NewsA new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan.
“Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined the ClickFix
The Hacker News – Read More
‘No Kings’ Protests, Citizen-Run ICE Trackers Trigger Intelligence Warnings
/in General NewsArmy intelligence analysts are monitoring civilian-made ICE tracking tools, treating them as potential threats, as immigration protests spread nationwide.
Security Latest – Read More
CISA Reveals ‘Pattern’ of Ransomware Attacks Against SimpleHelp RMM
/in General NewsA new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.
darkreading – Read More
Coker: We can’t have economic prosperity or national security without cybersecurity
/in General NewsCoker spoke to Recorded Future News about his time as National Cyber Director, what he considers his biggest successes and what he would tell his replacement – who is currently going through the confirmation process.
The Record from Recorded Future News – Read More
The cloud broke Thursday and it’ll happen again – how to protect your business before then
/in General NewsSimply using a multi-cloud or hybrid cloud isn’t enough.
Latest stories for ZDNET in Security – Read More