BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots
/in General NewsDrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.
The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Adds AI Agents to Security Copilot
/in General NewsMicrosoft has expanded the capabilities of Security Copilot with AI agents tackling data security, phishing, and identity management.
The post Microsoft Adds AI Agents to Security Copilot appeared first on SecurityWeek.
SecurityWeek – Read More
VMware Patches Authentication Bypass Flaw in Windows Tools Suite
/in General NewsThe authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.
The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
/in General NewsA new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin.
“Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia,” Silent Push said in a report shared with The
The Hacker News – Read More
Charm Security Emerges From Stealth With $8 Million in Funding
/in General NewsCharm Security has emerged from stealth mode with $8 million in funding for AI-powered scams and social engineering prevention.
The post Charm Security Emerges From Stealth With $8 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
Auto Draft
/in General NewsPost Content
techsplicer – Read More
Numotion Data Breach Impacts Nearly 500,000 People
/in General NewsEmail-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals.
The post Numotion Data Breach Impacts Nearly 500,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
CYREBRO Recognized in Gartner Emerging Tech Report for Detection and Response Startups
/in General NewsRamat Gan, Israel, 25th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Security teams can respond 80% faster to events with Cyberhaven’s AI-powered data lineage tools
/in General NewsThe security platform built specific large lineage models (LLiMs) to track data lifecycles across users and endpoints and detect shadow AI.Read More
Security News | VentureBeat – Read More
Chinese APT Weaver Ant Targeting Telecom Providers in Asia
/in General NewsWeaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.
The post Chinese APT Weaver Ant Targeting Telecom Providers in Asia appeared first on SecurityWeek.
SecurityWeek – Read More