BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Hackers steal sensitive data from Pennsylvania county during ransomware attack
/in General NewsThe government of Union County in central Pennsylvania said a recent ransomware attack exposed information related to law enforcement and other government business.
The Record from Recorded Future News – Read More
AI bots scraping your data? This free tool gives those pesky crawlers the run-around
/in General NewsCloudflare’s AI Labyrinth has a message for bots: Get lost. Here’s how to toggle on the tool.
Latest stories for ZDNET in Security – Read More
New Phishing Campaign Targets macOS Users with Fake Security Alerts
/in General NewsLayerX Labs reports a sophisticated macOS phishing campaign, evading security measures. Learn how attackers adapt and steal credentials from Mac users.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Cyber Guardians: INE Security Champions Cybersecurity Training During National Physicians Week 2025
/in General NewsCary, NC, 24th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
/in General NewsMicrosoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser.
The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time to
The Hacker News – Read More
Did your Google Maps Timeline disappear? Here’s the fix to get yours back
/in General NewsGoogle has admitted a technical issue caused timeline data to vanish. But you might be able to get yours back. Here’s how.
Latest stories for ZDNET in Security – Read More
US Weakens Disinformation Defenses, as Russia & China Ramp Up
/in General NewsRussia and China spend billions of dollars on state media, propaganda, and disinformation, while the Trump administration has slashed funding for US agencies.
darkreading – Read More
Oracle Denies Claim of Oracle Cloud Breach of 6M Records
/in General NewsA threat actor posted data on Breachforums from an alleged supply-chain attack that affected more than 140K tenants, claiming to have compromised the cloud via a zero-day flaw in WebLogic, researchers say.
darkreading – Read More
Cyberattack disrupts train ticket sales in Ukraine
/in General NewsUkrzaliznytsia, Ukraine’s state-owned railway operator, has been hit by a cyberattack that disrupted online ticket sales.
Security News | TechCrunch – Read More
Oracle Denies Cloud Breach After Hacker Offers to Sell Data
/in General NewsOracle has denied that Cloud systems have been breached after a hacker claimed to have stolen millions of records.
The post Oracle Denies Cloud Breach After Hacker Offers to Sell Data appeared first on SecurityWeek.
SecurityWeek – Read More