BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Hacker Conversations: Frank Trezza – From Phreaker to Pentester
/in General NewsFrank Trezza is fairly typical of most hackers. Early pranks sometimes leading to something more serious.
The post Hacker Conversations: Frank Trezza – From Phreaker to Pentester appeared first on SecurityWeek.
SecurityWeek – Read More
300 Arrested in Crackdown on Cybercrime Rings in Africa
/in General NewsAuthorities in seven African countries arrested 300 suspects in an international crackdown on cybercriminal networks targeting businesses.
The post 300 Arrested in Crackdown on Cybercrime Rings in Africa appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
/in General NewsCybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft’s .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users.
“These threats disguise themselves as legitimate apps, targeting users to steal sensitive information,” McAfee Labs researcher Dexter Shin said.
.NET
The Hacker News – Read More
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
/in General NewsLaw enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025.
The coordinated effort “aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses,” INTERPOL said, adding it
The Hacker News – Read More
Staying Safe with In-Game Skins: How to Avoid Scams and Malware
/in General NewsIn-game skins are more than just cosmetic upgrades, they’re a core part of gaming culture. Whether you’re looking…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Cyberattack causes delays for South Africa’s largest chicken producer
/in General NewsSouth Africa’s largest chicken producer lost more than $1 million due to a recent cyberattack that caused delivery delays and other issues.
The Record from Recorded Future News – Read More
From alerts to autonomy: How leading SOCs use AI copilots to fight signal overload and staffing shortfalls
/in General NewsSOCs are seeing false positive rates drop 70%, while shaving 40+ hrs a week of manual triage thanks to the rapid advances in AI copilots.Read More
Security News | VentureBeat – Read More
The Trump administration planned Yemen strikes in an unauthorized Signal chat
/in General NewsThe Trump administration’s national security leaders accidentally included the editor-in-chief of the Atlantic, Jeffrey Goldberg, in a chat on Signal discussing confidential plans to attack Yemen’s Houthis. “I could not believe that the national-security leadership of the United States would communicate on Signal about imminent war plans,” Goldberg wrote of the March 15 messages, which […]
Security News | TechCrunch – Read More
CloudSEK Disputes Oracle Over Data Breach Denial with New Evidence
/in General NewsOracle is caught up in a cybersecurity mess right now, with claims about a massive data breach affecting…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
5 Unexpected Devices You Didn’t Know Could Spread Malware
/in General NewsWhen you think of malware, your mind probably jumps to malicious downloads or email attachments. But it turns…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More