BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down
/in General NewsNoteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police.
The post In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down appeared first on SecurityWeek.
SecurityWeek – Read More
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
/in General NewsIreland’s Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users’ data to China.
“TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements,” the DPC said in a statement. ”
The Hacker News – Read More
Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures
/in General NewsThe US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations.
The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on SecurityWeek.
SecurityWeek – Read More
Harrods becomes latest retailer to announce attempted cyberattack
/in General NewsLondon retailer Harrods said it had “recently experienced attempts to gain unauthorised access to some of our systems” but its security team “immediately took proactive steps to keep systems safe.”
The Record from Recorded Future News – Read More
How to Automate CVE and Vulnerability Advisory Response with Tines
/in General NewsRun by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition.
A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike
The Hacker News – Read More
Nova Scotia Power Says Hackers Stole Customer Information
/in General NewsNova Scotia Power’s investigation has shown that the recent cyberattack resulted in the theft of some customer information.
The post Nova Scotia Power Says Hackers Stole Customer Information appeared first on SecurityWeek.
SecurityWeek – Read More
UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks
/in General NewsMajor UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks.
The post UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks appeared first on SecurityWeek.
SecurityWeek – Read More
200+ Fake Retail Sites Used in New Wave of Subscription Scams
/in General NewsBitdefender uncovers a massive surge in sophisticated subscription scams disguised as online shops and evolving mystery boxes. Learn…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
RSA Conference 2025 Announcement Summary (Day 3)
/in General NewsHundreds of companies showcased their products and services this week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 Announcement Summary (Day 3) appeared first on SecurityWeek.
SecurityWeek – Read More
Ukrainian Nefilim Ransomware Affiliate Extradited to US
/in General NewsUkrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses.
The post Ukrainian Nefilim Ransomware Affiliate Extradited to US appeared first on SecurityWeek.
SecurityWeek – Read More