BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Best antivirus for Mac in 2025: I tested your top software options
/in General NewsProtect yourself and your Mac with the top antivirus software for Mac in the market, tested and recommended by our experts.
Latest stories for ZDNET in Security – Read More
Terra Security Raises $8M for Agentic AI Penetration Testing Platform
/in General NewsCybersecurity startup Terra Security has raised $8 million in seed funding from SYN Ventures, FXP Ventures, and Underscore VC.
The post Terra Security Raises $8M for Agentic AI Penetration Testing Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
/in General NewsThe Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users’ private keys.
The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.
The Hacker News – Read More
Korean Telco Giant SK Telecom Hacked
/in General NewsSK Telecom, South Korea’s largest telecom company, disclosed a data leak involving a malware infection.
The post Korean Telco Giant SK Telecom Hacked appeared first on SecurityWeek.
SecurityWeek – Read More
The Tech That Safeguards the Conclave’s Secrecy
/in General NewsFollowing the death of Pope Francis, the Vatican is preparing to organize a new conclave in less than 20 days. This is how they’ll tamp down on leaks.
Security Latest – Read More
Tech resilience, breakout startups, and banking reinvented: The big conversations at StrictlyVC London in May
/in General NewsStrictlyVC is heading to London on May 13, uniting top investors and entrepreneurs to spark meaningful connections and drive forward innovation. We’re thrilled to welcome industry leaders like Nazo Moosa, general partner at Paladin Capital Group; Sonali De Rycker, partner at Accel; and TS Anil, CEO of Monzo Bank, to the stage. Paladin is proud […]
Security News | TechCrunch – Read More
Zambia’s Updated Cyber Laws Prompt Surveillance Warnings
/in General NewsCritics — which include the US embassy in Zambia — contend the just-signed Cyber Security Act and the Cyber Crime Act allow suppression of dissent and too much concentration of power.
darkreading – Read More
Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled
/in General NewsThe cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn’t materialize and less widely touted attack scenarios shot up.
darkreading – Read More
Thousands of Baltimore students, teachers affected by data breach following February ransomware attack
/in General NewsThousands of students, teachers and administrators had information stolen from the Baltimore City Public Schools system during a ransomware attack in February.
The Record from Recorded Future News – Read More
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
/in General NewsThe tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT’s breach of its Exchange Online environment in 2023.
darkreading – Read More