BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
What is Signal? 7 features that make it a go-to app for private, secure messaging
/in General NewsSignal is in the news for all the wrong reasons. Here’s what to know about it and why it remains a top choice for protecting conversations.
Latest stories for ZDNET in Security – Read More
Europol Warns Criminal Networks Are Embracing AI, Making Fraud Smarter and Harder to Detect
/in General News“The same qualities that make AI revolutionary – accessibility, adaptability and sophistication – also make it a powerful tool for criminal networks,” Europol says.
Security | TechRepublic – Read More
Active Roles Wins 2025 Cybersecurity Excellence Award for Hybrid Active Directory Protection
/in General NewsAlisa Viejo, United States, 25th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots
/in General NewsDrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.
The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Adds AI Agents to Security Copilot
/in General NewsMicrosoft has expanded the capabilities of Security Copilot with AI agents tackling data security, phishing, and identity management.
The post Microsoft Adds AI Agents to Security Copilot appeared first on SecurityWeek.
SecurityWeek – Read More
VMware Patches Authentication Bypass Flaw in Windows Tools Suite
/in General NewsThe authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.
The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
/in General NewsA new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin.
“Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia,” Silent Push said in a report shared with The
The Hacker News – Read More
Charm Security Emerges From Stealth With $8 Million in Funding
/in General NewsCharm Security has emerged from stealth mode with $8 million in funding for AI-powered scams and social engineering prevention.
The post Charm Security Emerges From Stealth With $8 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
Auto Draft
/in General NewsPost Content
techsplicer – Read More
Numotion Data Breach Impacts Nearly 500,000 People
/in General NewsEmail-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals.
The post Numotion Data Breach Impacts Nearly 500,000 People appeared first on SecurityWeek.
SecurityWeek – Read More