BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
‘Operation RoundPress’ Targets Ukraine in XSS Webmail Attacks
/in General NewsA cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.
darkreading – Read More
Serviceaide Leak Exposes Records of 500,000 Catholic Health Patients
/in General NewsServiceaide data leak exposes sensitive health info of 500K Catholic Health patients due to misconfigured database; risk of ID theft and fraud.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Trump Signs Controversial Law Targeting Nonconsensual Sexual Content
/in General NewsThe Take It Down Act requires platforms to remove instances of “intimate visual depiction” within two days. Free speech advocates warn it could be weaponized to fuel censorship.
Security Latest – Read More
BreachRx Lands $15 Million as Investors Bet on Breach-Workflow Software
/in General NewsSan Francisco incident response coordination startup banks $15 million in a Series A funding round led by Ballistic Ventures.
The post BreachRx Lands $15 Million as Investors Bet on Breach-Workflow Software appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft just launched an AI that discovered a new chemical in 200 hours instead of years
/in General NewsMicrosoft launches Discovery platform that uses agentic AI to compress years of scientific research into days, transforming R&D across pharmaceuticals, materials science, and semiconductor industries.Read More
Security News | VentureBeat – Read More
Legal Aid Agency Warns Lawyers, Defendants on Data Breach
/in General NewsThe online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal assistance will still be able to access help.
darkreading – Read More
UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen
/in General NewsThe UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
A Silicon Valley VC Says He Got the IDF Starlink Access Within Days of October 7 Attack
/in General NewsSequoia Capital partner Shaun Maguire said in a webinar hosted by Israel’s Defense Ministry that he connected the IDF with SpaceX’s Starlink satellite internet far sooner than believed.
Security Latest – Read More
Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack
/in General NewsEric Council Jr. sentenced for 2024 SIM swap that led to fake Bitcoin ETF tweet from SEC’s X account, briefly impacting crypto markets.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Microsoft goes all in on Anthropic’s MCP standard for safer AI agent deployments
/in General NewsMicrosoft anounced support for the AI data connection standard across its platform at Build 2025.
Latest stories for ZDNET in Security – Read More