BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
/in General NewsAn unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017.
The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden
The Hacker News – Read More
How to turn off motion smoothing on your TV (and why you should do it ASAP)
/in General NewsAlso known as the ‘soap opera effect,’ motion smoothing is ideal for gaming and live sports but less so for everything else. Here’s how to turn off the feature.
Latest stories for ZDNET in Security – Read More
Orion Security emerges from stealth using LLMs to track your enterprise’s data flow and stop it from leaking out
/in General NewsBeyond catching malicious insiders, Orion also distinguishes between human errors and external attackers for specificity.Read More
Security News | VentureBeat – Read More
Analyze Mobile Threats Faster: ANY.RUN Introduces Android OS to Its Interactive Sandbox
/in General NewsDisclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
3 AI-Driven Roles in Cybersecurity
/in General NewsFor candidates with a cybersecurity background who want to stay competitive, now is the time to invest in obtaining AI skills.
darkreading – Read More
11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft
/in General NewsZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.
The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek.
SecurityWeek – Read More
New Cloudflare Service Provides Real-Time Threat Intelligence
/in General NewsCloudflare launches Cloudforce Threat Events Feed, a service designed to provide security teams with real-time threat intelligence.
The post New Cloudflare Service Provides Real-Time Threat Intelligence appeared first on SecurityWeek.
SecurityWeek – Read More
Halliday raises $20 million to build AI agents that operate safely on blockchain
/in General NewsHalliday secures $20 million to develop secure AI agents for blockchain, solving critical safety challenges for enterprise applications with immutable guardrails and automated workflows.Read More
Security News | VentureBeat – Read More
SquareX Launches “Year of Browser Bugs” (YOBB) to Expose Critical Security Blind Spots
/in General NewsPalo Alto, USA, 18th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Western Alliance Bank Discloses Data Breach Linked to Cleo Hack
/in General NewsThe personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p’s hacking of the Cleo file transfer tool.
The post Western Alliance Bank Discloses Data Breach Linked to Cleo Hack appeared first on SecurityWeek.
SecurityWeek – Read More