BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
FBI Director Wray Issues Dire Warning on China’s Cybersecurity Threat
/in General NewsChinese actors are ready and poised to do “devastating” damage to key US infrastructure services if needed, he said.
darkreading – Read More
Miggo Launches Application Detection and Response (ADR) Solution
/in General NewsPost Content
darkreading – Read More
Breakthrough in Quantum Cloud Computing Ensures its Security and Privacy
/in General NewsOxford University researchers used an approach dubbed “blind quantum computing” to connect two quantum computing entities in a way that is completely secure.
Security | TechRepublic – Read More
UNDP, City of Copenhagen Targeted in Data-Extortion Cyberattack
/in General NewsA ransomware gang claimed responsibility for the attack, though it is unknown if a ransom was demanded or paid.
darkreading – Read More
Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam
/in General NewsCryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.
darkreading – Read More
Rethinking How You Work With Detection and Response Metrics
/in General NewsAirbnb’s Allyn Stott recommends adding the Human Maturity Model (HMM) and the SABRE framework to complement MITRE ATT&CK to improve security metrics analysis.
darkreading – Read More
BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems
/in General NewsInvestors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability.
The post BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems appeared first on SecurityWeek.
SecurityWeek – Read More
The Biggest Deepfake Porn Website Is Now Blocked in the UK
/in General NewsThe world’s most-visited deepfake website and another large competing site are stopping people in the UK from accessing them, days after the UK government announced a crackdown.
Security Latest – Read More
Fake Cheat Lures Gamers Into Spreading Infostealer Malware
/in General NewsA new info-stealing malware linked to Redline poses as a game cheat called ‘Cheat Lab,’ promising downloaders a free copy if they convince their friends to install it too.
Cyware News – Latest Cyber News – Read More
Dark Web Sales Driving Major Rise in Credential Attacks
/in General NewsA rise in infostealer malware attacks over the past three years has enabled cybercriminal groups to turn credential stealing into a major money-making business, paving the way for new entrants in the field and sophisticated hacking techniques.
Cyware News – Latest Cyber News – Read More