BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Virtual Event Today: Supply Chain & Third-Party Risk Security Summit
/in General NewsJoin the virtual event as we explore of the critical nature of software and vendor supply chain security issues.
The post Virtual Event Today: Supply Chain & Third-Party Risk Security Summit appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Hacking Group MirrorFace Targeting Europe
/in General NewsChinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.
The post Chinese Hacking Group MirrorFace Targeting Europe appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Hide VenomRAT Malware Inside Virtual Hard Disk Image File
/in General NewsHackers are using .VHD files to spread VenomRAT malware, bypassing security software, reveals Forcepoint X-Labs. Learn how this stealthy attack works and how to protect yourself.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Linux Foundation’s trust scorecards aim to battle rising open-source security threats
/in General NewsHow do you tell the difference between trustworthy open-source developers and hackers? Here’s one idea.
Latest stories for ZDNET in Security – Read More
SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats
/in General NewsAustin, TX, United States, 19th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Scareware Combined With Phishing in Attacks Targeting macOS Users
/in General NewsA long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
The post Scareware Combined With Phishing in Attacks Targeting macOS Users appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers name several countries as potential Paragon spyware customers
/in General NewsThe Citizen Lab said it believes several governments may be customers of spyware maker Paragon Solutions.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
/in General NewsIdentity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small
The Hacker News – Read More
Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?
/in General NewsTop 10 Passwords hackers use to breach RDP revealed! Weak credentials cause successful cyberattacks- check if yours is on the list and secure your system now.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Microsoft Warns of New StilachiRAT Malware
/in General NewsMicrosoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft.
The post Microsoft Warns of New StilachiRAT Malware appeared first on SecurityWeek.
SecurityWeek – Read More