BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data
/in General NewsCybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information.
“Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate’s platform customers,”
The Hacker News – Read More
Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’
/in General NewsPlus: US surveillance reportedly targets pro-Palestinian protesters, the FBI arrests a man for AI-generated CSAM, and stalkerware targets hotel computers.
Security Latest – Read More
Cybercriminals Exploit Cloud Storage for SMS Phishing Scams
/in General NewsSecurity researchers have revealed a series of criminal campaigns that exploit cloud storage services such as Amazon S3, Google Cloud Storage, Backblaze B2 and IBM Cloud Object Storage.
Cyware News – Latest Cyber News – Read More
NSA Issues Guidance for Maturing Application, Workload Capabilities Under Zero Trust; Dave Luber Quoted
/in General News“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, director of cybersecurity at NSA.
Cyware News – Latest Cyber News – Read More
Beware of HTML Masquerading as PDF Viewer Login Pages
/in General NewsForcepoint X-Labs has recently observed a significant number of phishing email instances in their telemetry targeting various government departments in APAC that masquerade as PDF viewer login pages.
Cyware News – Latest Cyber News – Read More
Sharp Dragon Expands Towards Africa and The Caribbean
/in General NewsThe threat actors demonstrate increased caution in selecting their targets, broadening their reconnaissance efforts, and adopting Cobalt Strike Beacon over custom backdoors.
Cyware News – Latest Cyber News – Read More
How to Recover Deleted Emails from Exchange Server?
/in General NewsBy Waqas
Accidentally deleted emails? Don’t panic! This guide explains how to recover them from Exchange Server within the retention…
This is a post from HackRead.com Read the original post: How to Recover Deleted Emails from Exchange Server?
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Top Cloud Services Used for Malicious Website Redirects in SMS Scams
/in General NewsBy Deeba Ahmed
Fake Cloud, Real Theft!
This is a post from HackRead.com Read the original post: Top Cloud Services Used for Malicious Website Redirects in SMS Scams
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft’s ‘Recall’ Feature Draws Criticism From Privacy Advocates
/in General NewsDespite Microsoft’s reassurances, multiple security researchers describe the technology as problematic for users and their organizations.
darkreading – Read More
Research From Claroty’s Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets
/in General NewsPost Content
darkreading – Read More