BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
North Korea launches new unit with a focus on AI hacking, per report
/in General NewsNorth Korea is reportedly launching a new cybersecurity unit called Research Center 227 within its intelligence agency Reconnaissance General Bureau (RGB).
© 2025 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme
/in General NewsA massive cybercrime network known as “VexTrio” is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme.
darkreading – Read More
Why It’s So Hard to Stop Rising Malicious TDS Traffic
/in General NewsCybersecurity vendors say threat actors’ abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.
darkreading – Read More
Israeli Spyware Graphite Targeted WhatsApp with 0-Click Exploit
/in General NewsCitizen Lab’s investigation reveals sophisticated spyware attacks exploiting WhatsApp vulnerabilities, implicating Paragon Solutions. Learn how their research exposed these threats and the implications for digital privacy.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Speed is King: How Google’s $32B Wiz play rewrites DevOps security rules
/in General NewsThe real story behind Google acquiring Wiz is how the need for speed and better cloud security dominates every enterprise’s devops cycles.Read More
Security News | VentureBeat – Read More
Anthropic just gave Claude a superpower: real-time web search. Here’s why it changes everything
/in General NewsAnthropic launches real-time web search for Claude AI, challenging ChatGPT’s dominance while securing $3.5 billion in funding at a $61.5 billion valuation.Read More
Security News | VentureBeat – Read More
Ukraine Defense Sector Under Attack Via Dark Crystal RAT
/in General NewsThe UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.
darkreading – Read More
Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing
/in General NewsAnalysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks.
The post Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing appeared first on SecurityWeek.
SecurityWeek – Read More
Dataminr Raises $85 Million for AI-Powered Information Platform
/in General NewsReal-time event and risk detection firm Dataminr has raised $85 million from NightDragon and HSBC to accelerate AI development.
The post Dataminr Raises $85 Million for AI-Powered Information Platform appeared first on SecurityWeek.
SecurityWeek – Read More
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
/in General NewsYouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users.
“What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla, and
The Hacker News – Read More