BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Former CISA director Chris Krebs vows to fight back against Trump-ordered federal investigation
/in General NewsThe former cybersecurity chief is the latest to push back on the Trump administration’s targeting of critics and dissenters.
Security News | TechCrunch – Read More
Multiple Groups Exploit NTLM Flaw in Microsoft Windows
/in General NewsThe attacks have been going on since shortly after Microsoft patched the vulnerability in March.
darkreading – Read More
Krebs Exits SentinelOne After Security Clearance Pulled
/in General NewsChris Krebs has resigned from SentinelOne after security clearance withdrawn and an order to review CISA’s conduct under his leadership.
The post Krebs Exits SentinelOne After Security Clearance Pulled appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Quashes Two Zero-Days With iOS, MacOS Patches
/in General NewsThe vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms.
The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware gang ‘CrazyHunter’ Targets Critical Taiwanese Orgs
/in General NewsTrend Micro researchers detailed an emerging ransomware campaign by a new group known as “CrazyHunter” that is targeting critical sectors in Taiwan.
darkreading – Read More
CISA warns of potential data breaches caused by legacy Oracle Cloud leak
/in General NewsThe Cybersecurity and Infrastructure Security Agency on Wednesday said that while the scope of the reported Oracle issue remains unconfirmed, it “presents potential risk to organizations and individuals.”
The Record from Recorded Future News – Read More
Why the CVE database for tracking security flaws nearly went dark – and what happens next
/in General NewsExpired US government funding nearly disrupted this global security system. How can we prevent this from happening again in 11 months?
Latest stories for ZDNET in Security – Read More
Developers Beware: Slopsquatting & Vibe Coding Can Increase Risk of AI-Powered Attacks
/in General NewsSlopsquatting and vibe coding are fueling a new wave of AI-driven cyberattacks, exposing developers to hidden risks through fake, hallucinated packages.
Security | TechRepublic – Read More
OpenAI launches o3 and o4-mini, AI models that ‘think with images’ and use tools autonomously
/in General NewsOpenAI launches groundbreaking o3 and o4-mini AI models that can manipulate and reason with images, representing a major advance in visual problem-solving and tool-using artificial intelligence.Read More
Security News | VentureBeat – Read More
Apple says zero-day bugs exploited against ‘specific targeted individuals’ using iOS
/in General NewsOne of the bugs was discovered by Google’s security researchers who investigate government-backed cyberattacks.
Security News | TechCrunch – Read More