BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist
/in General NewsA 25-year-old has admitted hacking Disney systems and leaking data under the guise of a hacktivist collective named NullBulge.
The post Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist appeared first on SecurityWeek.
SecurityWeek – Read More
Germany Most Targeted Country in Q1 2025 DDoS Attacks
/in General NewsCloudflare’s Q1 2025 DDoS Threat Report: DDoS attacks surged 358% YoY to 20.5M. Germany hit hardest; gaming and…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ransomware Group Claims Attacks on UK Retailers
/in General NewsThe DragonForce ransomware group has claimed responsibility for the recent cyberattacks on UK retailers Co-op, Harrods, and M&S.
The post Ransomware Group Claims Attacks on UK Retailers appeared first on SecurityWeek.
SecurityWeek – Read More
TeleMessage, a modified Signal clone used by US govt. officials, has been hacked
/in General NewsA hacker has exploited a vulnerability in TeleMessage, which provides modded versions of encrypted messaging apps such as Signal, Telegram and WhatsApp, to extract archived messages and other data relating to U.S. government officials and companies who used the tool, 404 Media reported. TeleMessage came into the spotlight last week after it was reported that […]
Security News | TechCrunch – Read More
PoC Published for Exploited SonicWall Vulnerabilities
/in General NewsPoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog.
The post PoC Published for Exploited SonicWall Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Security Researchers Warn a Widely Used Open Source Tool Poses a ‘Persistent’ Risk to the US
/in General NewsThe open source software easyjson is used by the US government and American companies. But its ties to Russia’s VK, whose CEO has been sanctioned, have researchers sounding the alarm.
Security Latest – Read More
Cybersecurity M&A Roundup: 31 Deals Announced in April 2025
/in General NewsThirty-one cybersecurity merger and acquisition (M&A) deals were announced in April 2025.
The post Cybersecurity M&A Roundup: 31 Deals Announced in April 2025 appeared first on SecurityWeek.
SecurityWeek – Read More
TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
/in General NewsEU privacy watchdog fined TikTok $600 million after a four-year investigation found that data transfers to China put users at risk of spying, in breach of strict EU data privacy rules.
The post TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules appeared first on SecurityWeek.
SecurityWeek – Read More
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
/in General NewsThe threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal.
“TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information,” Recorded Future Insikt Group said. “TerraLogger, by contrast
The Hacker News – Read More
watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices
/in General NewswatchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) potentially leading to full system takeover…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More