BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
- Lobo Guará - Cyber Threat Intelligence Platform
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Identity as the new perimeter: National Oilwell Varco’s approach to stopping the 79% of attacks that are malware-free
/in General NewsNOV’s CIO led a cyber strategy fusing Zero Trust, AI, and airtight identity controls to cut threats by 35x and eliminating reimaging.Read More
Security News | VentureBeat – Read More
Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved
/in General NewsPost Content
darkreading – Read More
Could Ransomware Survive Without Cryptocurrency?
/in General NewsThreat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.
darkreading – Read More
AWWA Supports Introduction of Collaborative Cybersecurity Legislation
/in General NewsPost Content
darkreading – Read More
2025’s Top OSINT Tools: A Fresh Take on Open-Source Intel
/in General NewsCheck out the top OSINT tools of 2025, an updated list featuring the best free and paid open-source…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Chinese APT Mustang Panda Debuts 4 New Attack Tools
/in General NewsThe notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
darkreading – Read More
Attackers and Defenders Lean on AI in Identity Fraud Battle
/in General NewsIdentity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.
darkreading – Read More
The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools
/in General NewsWith unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise.
The post The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools appeared first on SecurityWeek.
SecurityWeek – Read More
That Google email look real? Don’t click – it might be scam. Here’s how to tell
/in General NewsUntil Google rolls out a fix, you’ll have to be on the lookout for this particularly convincing phishing scam.
Latest stories for ZDNET in Security – Read More
Alleged SmokeLoader malware operator facing federal charges in Vermont
/in General NewsAn alleged operator of the SmokeLoader malware is now facing federal hacking charges in Vermont after accusations that he stole personal information on more than 65,000 people.
The Record from Recorded Future News – Read More