BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
How to Avoid US-Based Digital Services—and Why You Might Want To
/in General NewsAmid growing concerns over Big Tech firms aligning with Trump administration policies, people are starting to move their digital lives to services based overseas. Here’s what you need to know.
Security Latest – Read More
Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover
/in General NewsThe Hellcat ransomware group claims to have stolen tens of gigabytes of data from Ascom and Jaguar Land Rover.
The post Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover appeared first on SecurityWeek.
SecurityWeek – Read More
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
/in General NewsTwo now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.
The two critical-rated vulnerabilities in question are listed below –
CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an
The Hacker News – Read More
Where Is Computer Vision Essential Today? Insights from Alltegrio’s CEO
/in General NewsToday, we are discussing Computer Vision applications, one of the most impactful AI-powered technologies that is reshaping our…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges
/in General NewsFederal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting information about “female college athletes.”
The Record from Recorded Future News – Read More
Federal judge blocks DOGE’s access to Social Security Administration’s banks of personal information
/in General NewsThe order accused DOGE of engaging in a “fishing expedition” at the federal agency.
© 2025 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
North Korea launches new unit with a focus on AI hacking, per report
/in General NewsNorth Korea is reportedly launching a new cybersecurity unit called Research Center 227 within its intelligence agency Reconnaissance General Bureau (RGB).
© 2025 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme
/in General NewsA massive cybercrime network known as “VexTrio” is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme.
darkreading – Read More
Why It’s So Hard to Stop Rising Malicious TDS Traffic
/in General NewsCybersecurity vendors say threat actors’ abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.
darkreading – Read More
Israeli Spyware Graphite Targeted WhatsApp with 0-Click Exploit
/in General NewsCitizen Lab’s investigation reveals sophisticated spyware attacks exploiting WhatsApp vulnerabilities, implicating Paragon Solutions. Learn how their research exposed these threats and the implications for digital privacy.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More