BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs
/in General NewsThreats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort.
The post Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs appeared first on SecurityWeek.
SecurityWeek – Read More
Medusa Ransomware Disables Anti-Malware Tools with Stolen Certificates
/in General NewsCybercriminals exploit AbyssWorker driver to disable EDR systems, deploying MEDUSA ransomware with revoked certificates for stealthy attacks.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking
/in General NewsCritical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.
The post IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Hacker Conversations: Frank Trezza – From Phreaker to Pentester
/in General NewsFrank Trezza is fairly typical of most hackers. Early pranks sometimes leading to something more serious.
The post Hacker Conversations: Frank Trezza – From Phreaker to Pentester appeared first on SecurityWeek.
SecurityWeek – Read More
300 Arrested in Crackdown on Cybercrime Rings in Africa
/in General NewsAuthorities in seven African countries arrested 300 suspects in an international crackdown on cybercriminal networks targeting businesses.
The post 300 Arrested in Crackdown on Cybercrime Rings in Africa appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
/in General NewsCybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft’s .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users.
“These threats disguise themselves as legitimate apps, targeting users to steal sensitive information,” McAfee Labs researcher Dexter Shin said.
.NET
The Hacker News – Read More
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
/in General NewsLaw enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025.
The coordinated effort “aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses,” INTERPOL said, adding it
The Hacker News – Read More
Staying Safe with In-Game Skins: How to Avoid Scams and Malware
/in General NewsIn-game skins are more than just cosmetic upgrades, they’re a core part of gaming culture. Whether you’re looking…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Cyberattack causes delays for South Africa’s largest chicken producer
/in General NewsSouth Africa’s largest chicken producer lost more than $1 million due to a recent cyberattack that caused delivery delays and other issues.
The Record from Recorded Future News – Read More
From alerts to autonomy: How leading SOCs use AI copilots to fight signal overload and staffing shortfalls
/in General NewsSOCs are seeing false positive rates drop 70%, while shaving 40+ hrs a week of manual triage thanks to the rapid advances in AI copilots.Read More
Security News | VentureBeat – Read More