BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Hijacked Facebook Pages are pushing fake AI services to steal your data
/in General NewsAnd millions of Facebook users appear to be falling for it.
Latest stories for ZDNET in Security – Read More
The music industry must find a way to stay in tune with GenAI
/in General NewsArtificial intelligence can continue to amplify human creativity, if everyone plays by certain key principles.
Latest stories for ZDNET in Security – Read More
Fake Facebook MidJourney AI Page Promoted Malware to 1.2 Million People
/in General NewsHackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI’s SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware.
Cyware News – Latest Cyber News – Read More
Google Chrome Adds V8 Sandbox – A New Defense Against Browser Attacks
/in General NewsGoogle has announced support for what’s called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues.
The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent “memory corruption in V8 from spreading within the host process.”
The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox
The Hacker News – Read More
Escalation of Fake E-Shop Campaign Threatens Banking Security in Multiple Regions
/in General NewsThe threat actor behind the fake e-shop campaign leverages tools such as the open-source string obfuscator “Paranoid” and the Janus WebRTC module, showcasing a deep understanding of technological intricacies to evade detection and amplify impact.
Cyware News – Latest Cyber News – Read More
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
/in General NewsResearchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.
The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Hotel Check-In Terminal Leaks Rafts of Guests’ Room Codes
/in General NewsMartin Schobert at Swiss security firm Pentagrid discovered that an attacker could input a series of six consecutive dashes (——) in place of a booking reference number and the terminal would return an extensive list of room details.
Cyware News – Latest Cyber News – Read More
Key Lawmakers Float New Rules for Personal Data Protection; Bill Would Make Privacy a Consumer Right
/in General NewsThe American Privacy Rights Act would preempt most state privacy laws — though it wouldn’t impact certain states’ laws already on the books that protect financial, health or employee data.
The post Key Lawmakers Float New Rules for Personal Data Protection; Bill Would Make Privacy a Consumer Right appeared first on SecurityWeek.
SecurityWeek – Read More
Confidential VMs Hacked via New Ahoi Attacks
/in General NewsNew Ahoi attacks Heckler and WeSee target AMD SEV-SNP and Intel TDX with malicious interrupts to hack confidential VMs.
The post Confidential VMs Hacked via New Ahoi Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
The Legacy of a Security Breach
/in General NewsBy Daily Contributors
Today over at Resonance Security I am going to look at one of the more unusual ways in…
This is a post from HackRead.com Read the original post: The Legacy of a Security Breach
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More