BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Fears ‘hackers still in the system’ leave Co-op shelves running empty across UK
/in General NewsU.K. retailer the Co-op is still having trouble with keeping grocery shelves stocked as it continues to respond to an attempted cyberattack that forced it to shut down some systems two weeks ago.
The Record from Recorded Future News – Read More
Zero Trust in the Age of Digital Transformation: The New Cybersecurity Paradigm
/in General NewsWith the digital transformation movement sweeping the world and cyber threats evolving simultaneously to pose greater and greater…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks
/in General NewsTwo vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution.
The post Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
437,000 Impacted by Ascension Health Data Breach
/in General NewsAscension Health has notified the HHS that more than 437,000 people were affected by a recently disclosed data breach.
The post 437,000 Impacted by Ascension Health Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Deepfakes, Scams, and the Age of Paranoia
/in General NewsAs AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online.
Security Latest – Read More
German Authorities Take Down Crypto Swapping Service eXch
/in General NewsGerman authorities seized the servers of crypto-swapping service eXch for laundering approximately $1.9 billion in fraudulent assets.
The post German Authorities Take Down Crypto Swapping Service eXch appeared first on SecurityWeek.
SecurityWeek – Read More
New SEO Poisoning Campaign Targeting IT Admins With Malware
/in General NewsVaronis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
/in General NewsThreat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile.
“Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns,”
The Hacker News – Read More
US Announces Botnet Takedown, Charges Against Russian Administrators
/in General NewsAnyproxy and 5socks, websites offering proxy services through devices ensnared by a botnet, have been disrupted in a law enforcement operation.
The post US Announces Botnet Takedown, Charges Against Russian Administrators appeared first on SecurityWeek.
SecurityWeek – Read More
Five things we learned from WhatsApp vs. NSO Group spyware lawsuit
/in General NewsThe landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.
Security News | TechCrunch – Read More