BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Kelly Benefits Data Breach Impact Grows to 400,000 Individuals
/in General NewsKelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed.
The post Kelly Benefits Data Breach Impact Grows to 400,000 Individuals appeared first on SecurityWeek.
SecurityWeek – Read More
7 ways to lock down your phone’s security – before it’s too late
/in General NewsFrom border crossings to data breaches, there are more reasons than ever to protect your smartphone. Here’s a practical guide to securing your device and your digital life.
Latest stories for ZDNET in Security – Read More
Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist
/in General NewsA 25-year-old has admitted hacking Disney systems and leaking data under the guise of a hacktivist collective named NullBulge.
The post Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist appeared first on SecurityWeek.
SecurityWeek – Read More
Germany Most Targeted Country in Q1 2025 DDoS Attacks
/in General NewsCloudflare’s Q1 2025 DDoS Threat Report: DDoS attacks surged 358% YoY to 20.5M. Germany hit hardest; gaming and…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ransomware Group Claims Attacks on UK Retailers
/in General NewsThe DragonForce ransomware group has claimed responsibility for the recent cyberattacks on UK retailers Co-op, Harrods, and M&S.
The post Ransomware Group Claims Attacks on UK Retailers appeared first on SecurityWeek.
SecurityWeek – Read More
TeleMessage, a modified Signal clone used by US govt. officials, has been hacked
/in General NewsA hacker has exploited a vulnerability in TeleMessage, which provides modded versions of encrypted messaging apps such as Signal, Telegram and WhatsApp, to extract archived messages and other data relating to U.S. government officials and companies who used the tool, 404 Media reported. TeleMessage came into the spotlight last week after it was reported that […]
Security News | TechCrunch – Read More
PoC Published for Exploited SonicWall Vulnerabilities
/in General NewsPoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog.
The post PoC Published for Exploited SonicWall Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Security Researchers Warn a Widely Used Open Source Tool Poses a ‘Persistent’ Risk to the US
/in General NewsThe open source software easyjson is used by the US government and American companies. But its ties to Russia’s VK, whose CEO has been sanctioned, have researchers sounding the alarm.
Security Latest – Read More
Cybersecurity M&A Roundup: 31 Deals Announced in April 2025
/in General NewsThirty-one cybersecurity merger and acquisition (M&A) deals were announced in April 2025.
The post Cybersecurity M&A Roundup: 31 Deals Announced in April 2025 appeared first on SecurityWeek.
SecurityWeek – Read More
TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
/in General NewsEU privacy watchdog fined TikTok $600 million after a four-year investigation found that data transfers to China put users at risk of spying, in breach of strict EU data privacy rules.
The post TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules appeared first on SecurityWeek.
SecurityWeek – Read More