BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
[Virtual Event] Anatomy of a Data Breach: And what to do if it happens to you
/in General NewsPost Content
darkreading – Read More
Is that really your boss calling? Jericho Security raises $15M to stop deepfake fraud that’s cost businesses $200M in 2025 alone
/in General NewsPentagon-backed Jericho Security raises $15 million to combat deepfake fraud that has already cost North American businesses $200 million in 2025, using AI to detect increasingly convincing voice and video impersonations.Read More
Security News | VentureBeat – Read More
Max-Severity Commvault Bug Alarms Researchers
/in General NewsThough already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers.
darkreading – Read More
Protecting Your Phone—and Your Privacy—at the US Border
/in General NewsIn this episode of Uncanny Valley, our hosts explain how to prepare for travel to and from the United States—and how to stay safe.
Security Latest – Read More
‘SessionShark’ ToolKit Evades Microsoft Office 365 MFA
/in General NewsThe creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates it’s anything but.
darkreading – Read More
Zencoder buys Machinet to challenge GitHub Copilot as AI coding assistant consolidation accelerates
/in General NewsZencoder acquires Machinet to strengthen its position in the rapidly consolidating AI coding assistant market, expanding its JetBrains ecosystem integration while outperforming competitors like GitHub Copilot with innovative features such as Repo Grokking and Coffee Mode.Read More
Security News | VentureBeat – Read More
8 simple ways Mac users can better protect their privacy
/in General NewsJust because you’re running Apple’s rock-solid operating system doesn’t mean your privacy is automatically protected. These simple steps will keep you safer.
Latest stories for ZDNET in Security – Read More
Dialysis company DaVita reviewing data leaked by ransomware gang
/in General NewsThe Interlock ransomware gang posted samples from a trove of data it is claiming to have stolen from the company.
The Record from Recorded Future News – Read More
NFC-Powered Android Malware Enables Instant Cash-Outs
/in General NewsResearchers at security vendor Cleafy detailed a malware known as “SuperCard X” that uses the NFC reader on a victim’s own phone to steal credit card funds instantly.
darkreading – Read More
Backdoor Found in Official XRP Ledger NPM Package
/in General NewsXRP Ledger SDK hit by supply chain attack: Malicious NPM versions stole private keys; users urged to update…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More