BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Demand for ‘Secure by Design’ Product Growing, Creating Opportunity for Software Security Specialization
/in General NewsPost Content
darkreading – Read More
LightEdge Releases Next-Gen Suite of Cloud Security & Managed Services
/in General NewsPost Content
darkreading – Read More
Vade Releases 2023 Phishers’ Favorites Report
/in General NewsPost Content
darkreading – Read More
Strata Identity Reins in Global Access and Compliance Challenges With Cross-Border Orchestration Recipes
/in General NewsPost Content
darkreading – Read More
DoJ Breaks Russian Military Botnet in Fancy Bear Takedown
/in General NewsThe feds disrupted a Russian intelligence SOHO router botnet notable for being built with Moobot malware rather than custom code.
darkreading – Read More
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug
/in General NewsMicrosoft has observed signs of active exploits targeting CVE-2024-2140.
darkreading – Read More
DataDome Expands Bot Bounty Program to the Public, Invites Researchers to Rigorously Test its Solution
/in General NewsPost Content
darkreading – Read More
CISA HBOM Framework Doesn’t Go Far Enough
/in General NewsCISA’s recently introduced framework for hardware bill of materials is an important step in addressing semiconductor risks. But further tracking beyond manufacturing is critical to its usefulness.
darkreading – Read More
Surge in ‘Hunter-Killer’ Malware Uncovered by Picus Security
/in General NewsPost Content
darkreading – Read More
Critical Software Vulnerabilities Impacting Credit Unions Discovered by LMG Security Researcher
/in General NewsPost Content
darkreading – Read More