BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Why Developers Should Care About Generative AI (Even They Aren’t AI Expert)
/in General NewsSoftware development is about to undergo a generative change. What this means is that AI (Artificial Intelligence) has…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Mobile Applications: A Cesspool of Security Issues
/in General NewsAn analysis of more than a half-million mobile apps find encryption problems, privacy issues, and known vulnerabilities in third-party code. What can users and developers do?
darkreading – Read More
Largest telecom in Africa warns of cyber incident exposing customer data
/in General NewsMTN Group said an “unknown third-party has claimed to have accessed data linked” to parts of its system and that the incident “resulted in unauthorised access to personal information of some MTN customers in certain markets.”
The Record from Recorded Future News – Read More
Interlock Ransomware Say It Stole 20TB of DaVita Healthcare Data
/in General NewsInterlock ransomware group claims it stole 20TB of sensitive patient data from DaVita Healthcare. While the group has…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
/in General NewsNorth Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process.
“In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
The Hacker News – Read More
Marks & Spencer pauses online shopping following cyberattack
/in General NewsThe massive British retailer is still struggling to recover from the cyberattack, which it first acknowledged on Tuesday.
The Record from Recorded Future News – Read More
Lattica Emerges From Stealth With FHE Platform for AI
/in General NewsLattica has raised $3.25 million in pre-seed funding for a platform that uses FHE to enable AI models to process encrypted data.
The post Lattica Emerges From Stealth With FHE Platform for AI appeared first on SecurityWeek.
SecurityWeek – Read More
Former Google Cloud CISO Phil Venables Joins Ballistic Ventures
/in General NewsVenables has served as CISO and security executive across several large organizations, including Google Cloud, Goldman Sachs, Deutsche Bank.
The post Former Google Cloud CISO Phil Venables Joins Ballistic Ventures appeared first on SecurityWeek.
SecurityWeek – Read More
How Organizations Can Leverage Cyber Insurance Effectively
/in General NewsBy focusing on prevention, education, and risk transfer through insurance, organizations — especially SMEs — can protect themselves from the rapidly escalating threats of cyberattacks.
darkreading – Read More
Vehicles Face 45% More Attacks, 4 Times More Hackers
/in General NewsTwo kinds of attacks are in high gear: ransomware attacks against OEMs and compromised electric vehicle chargers, according to data from Q1 2025.
darkreading – Read More