BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities
/in General NewsOligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
/in General NewsCybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable.
The names of the packages are listed below –
github[.]com/truthfulpharm/prototransform
github[.]com/blankloggia/go-mcp
github[.]com/steelpoor/tlsproxy
“Despite appearing legitimate,
The Hacker News – Read More
Phishing Emails Impersonating Qantas Target Credit Card Info
/in General NewsFake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
How Riot Games is fighting the war against video game hackers
/in General NewsRiot’s “anti-cheat artisan” Phillip Koskinas explains how he and his team go after cheaters and cheat developers to protect the integrity of games, such as Valorant and League of Legends.
Security News | TechCrunch – Read More
Hacking Spree Hits UK Retail Giants
/in General NewsPlus: France blames Russia for a series of cyberattacks, the US is taking steps to crack down on a gray market allegedly used by scammers, and Microsoft pushes the password one step closer to death.
Security Latest – Read More
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
/in General NewsAn Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years.
The activity, which lasted from at least May 2023 to February 2025, entailed “extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future
The Hacker News – Read More
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
/in General NewsThe U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States.
Rami Khaled Ahmed of Sana’a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one
The Hacker News – Read More
RSAC 2025: Why the AI agent era means more demand for CISOS
/in General NewsRSAC 2025 made one thing clear: AI agents are entering security workflows, but boards want proof they work.Read More
Security News | VentureBeat – Read More
What NYDFS Rules Mean for Businesses (Inside & Outside of NY)
/in General NewsStarting this month, finance companies operating in New York must implement a variety of protections against unauthorized access to IT systems.
darkreading – Read More
UK Retailers Reeling From Likely Ransomware Attacks
/in General NewsA series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.
darkreading – Read More