BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
- Pulsegram - Integrated Keylogger With Telegram
- Scrapling - An Undetectable, Powerful, Flexible, High-Performance Python Library That Makes Web Scraping Simple And Easy Again!
- VulnKnox - A Go-based Wrapper For The KNOXSS API To Automate XSS Vulnerability Testing
- Camtruder - Advanced RTSP Camera Discovery and Vulnerability Assessment Tool
Exploit DB
- [local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
- [local] unzip-stream 0.3.1 - Arbitrary File Write
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users
/in General NewsAnother consumer-grade spyware operation was hacked in June 2024, which exposed thousands of Apple Account credentials.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Critical Fortinet Vulnerability Draws Fresh Attention
/in General NewsCISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.
darkreading – Read More
TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure”
/in General NewsRansomware attackers know where your kids go to school and they want you to know it, according to professional negotiators at Sygnia.
Security | TechRepublic – Read More
Nation-State Groups Abuse Microsoft Windows Shortcut Exploit
/in General NewsTrend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.
darkreading – Read More
Enterprises Gain Control Over LLM Oversharing With Prompt Security’s GenAI Authorization
/in General NewsPost Content
darkreading – Read More
Infosys Settles $17.5M Class Action Lawsuit After Sprawling Third-Party Breach
/in General NewsSeveral major companies in the finance sector were impacted by the third-party breach, prompting them to notify thousands of customers of their compromised data.
darkreading – Read More
11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017
/in General NewsMicrosoft refuses to patch serious Windows shortcut vulnerability abused in global espionage campaigns!
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
SecPod launches Saner Cloud: A Revolutionary CNAPP For Preventive Cybersecurity
/in General NewsBengaluru, India, 19th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
AI Cloud Adoption Is Rife With Cyber Mistakes
/in General NewsResearch finds that organizations are granting root access by default and making other big missteps, including a Jenga-like building concept, in deploying and configuring AI services in cloud deployments.
darkreading – Read More
Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP
/in General NewsOrion protects against data exfiltration by using AI to compare actual data flows against permitted and expected data flows.
The post Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP appeared first on SecurityWeek.
SecurityWeek – Read More