BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Phishing Emails Impersonating Qantas Target Credit Card Info
/in General NewsFake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
How Riot Games is fighting the war against video game hackers
/in General NewsRiot’s “anti-cheat artisan” Phillip Koskinas explains how he and his team go after cheaters and cheat developers to protect the integrity of games, such as Valorant and League of Legends.
Security News | TechCrunch – Read More
Hacking Spree Hits UK Retail Giants
/in General NewsPlus: France blames Russia for a series of cyberattacks, the US is taking steps to crack down on a gray market allegedly used by scammers, and Microsoft pushes the password one step closer to death.
Security Latest – Read More
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
/in General NewsAn Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years.
The activity, which lasted from at least May 2023 to February 2025, entailed “extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future
The Hacker News – Read More
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
/in General NewsThe U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States.
Rami Khaled Ahmed of Sana’a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one
The Hacker News – Read More
RSAC 2025: Why the AI agent era means more demand for CISOS
/in General NewsRSAC 2025 made one thing clear: AI agents are entering security workflows, but boards want proof they work.Read More
Security News | VentureBeat – Read More
What NYDFS Rules Mean for Businesses (Inside & Outside of NY)
/in General NewsStarting this month, finance companies operating in New York must implement a variety of protections against unauthorized access to IT systems.
darkreading – Read More
UK Retailers Reeling From Likely Ransomware Attacks
/in General NewsA series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.
darkreading – Read More
US indicts Yemeni man in Black Kingdom ransomware attacks
/in General NewsThe U.S. Attorney’s Office for the Central District of California announced charges against Rami Khaled Ahmed for allegedly helping to develop and deploy Black Kingdom, which infected “approximately 1,500 computer systems.”
The Record from Recorded Future News – Read More
Mike Waltz Has Somehow Gotten Even Worse at Using Signal
/in General NewsA photo taken this week showed Mike Waltz using an app that looks like—but is not—Signal to communicate with top officials. “I don’t even know where to start with this,” says one expert.
Security Latest – Read More