BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
RSAC 2025: AI Everywhere, Trust Nowhere
/in General NewsWe’re at an inflection point. AI is changing the game, but the rules haven’t caught up.
darkreading – Read More
Critical Infrastructure Under Siege: OT Security Still Lags
/in General NewsWith critical infrastructure facing constant cyber threats from the Typhoons and other corners, federal agencies and others are warning security for the OT network, a core technology in many critical sectors, is not powered up enough.
darkreading – Read More
Production at Steelmaker Nucor Disrupted by Cyberattack
/in General NewsAmerican steel giant Nucor on Wednesday disclosed a cybersecurity incident that bears the hallmarks of a ransomware attack.
The post Production at Steelmaker Nucor Disrupted by Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
You.com’s ARI Enterprise crushes OpenAI in head-to-head tests, aims at deep research market
/in General NewsYou.com launches ARI Enterprise, an AI research platform that outperforms OpenAI in 76% of head-to-head tests and integrates with enterprise data sources to transform business intelligence with 400+ source analysis.Read More
Security News | VentureBeat – Read More
Pen Testing for Compliance Only? It’s Time to Change Your Approach
/in General NewsImagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gaining access to customer data weeks before being finally detected.
This situation isn’t theoretical: it
The Hacker News – Read More
Coinbase says customers’ personal information stolen in data breach
/in General NewsThe crypto exchange giant said the hacker bribed contractors and employees in support roles to steal data.
Security News | TechCrunch – Read More
Why Cloud Phone Systems are The Future of Business Communication
/in General NewsOver the years, many different technologies have transitioned to Cloud-based solutions, including ERP systems and email management platforms.…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Police Shut Down Fake Trading Platform That Scammed Hundreds
/in General NewsPolice in Europe have shut down a fake online trading platform that scammed hundreds of victims out of…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws
/in General NewsTwo ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities.
The post Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws appeared first on SecurityWeek.
SecurityWeek – Read More
5 BCDR Essentials for Effective Ransomware Defense
/in General NewsRansomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks. In a chilling example, Microsoft recently disclosed how threat actors misused its Quick Assist remote assistance tool to deploy the destructive
The Hacker News – Read More