BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Coinbase Will Reimburse Customers Up to $400 Million After Data Breach
/in General NewsPlus: 12 more people are indicted over a $263 million crypto heist, and a former FBI director is accused of threatening Donald Trump thanks to an Instagram post of seashells.
Security Latest – Read More
HubSpot vs Salesforce: Which CRM Fits Your Business?
/in General NewsYou’ve got an important choice to make: HubSpot or Salesforce?
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
[Virtual Event] Strategic Security for the Modern Enterprise
/in General NewsPost Content
darkreading – Read More
Hack of SEC social media account earns 14-month prison sentence for Alabama man
/in General NewsThe January 2024 attack resulted in fraudulent posts on the SEC’s account that altered the market value of bitcoin.
The Record from Recorded Future News – Read More
US man who hacked SEC’s X account to spike Bitcoin price sentenced to prison
/in General NewsThe Department of Justice announced Eric Council Jr. was sentenced to 14 months in prison for the hack.
Security News | TechCrunch – Read More
Shrink exploit windows, slash MTTP: Why ring deployment is now a must for enterprise defense
/in General NewsRing deployment slashes MTTP and legacy CVE risk. Learn how Ivanti and Southstar Bank are modernizing patch strategy with real-time intel.Read More
Security News | VentureBeat – Read More
Pwn2Own Berlin 2025: Windows 11, VMware, Firefox and Others Hacked
/in General NewsThe beginning of Pwn2Own Berlin 2025, hosted at the OffensiveCon conference, has concluded its first two days with…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Australian Human Rights Commission Leaks Docs in Data Breach
/in General NewsAn internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks.
darkreading – Read More
Dynamic DNS Emerges as Go-to Cyberattack Facilitator
/in General NewsScattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and impersonate well-known brands.
darkreading – Read More
Attacker Specialization Puts Threat Modeling on Defensive
/in General NewsSpecialization among threat groups poses challenges for defenders, who now must distinguish between different actors responsible for different facets of an attack.
darkreading – Read More