BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows
/in General NewsThough less well-known than groups like Volt Typhoon and Salt Typhoon, Brass Typhoon, or APT 41, is an infamous, longtime espionage actor that foreshadowed recent telecom hacks.
Security Latest – Read More
CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide
/in General NewsDespite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk—and has already caused global disruption.
Security Latest – Read More
Black Basta: The Fallen Ransomware Gang That Lives On
/in General NewsAfter a series of setbacks, the notorious Black Basta ransomware gang went underground. Researchers are bracing for its probable return in a new form.
Security Latest – Read More
Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access
/in General NewsHackers exploit Fortinet flaws to plant stealth backdoors on FortiGate devices, maintaining access even after patches. Update to…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M
/in General NewsData breach at Laboratory Services Cooperative (LSC) exposed the sensitive health and personal information of 1.6 million individuals…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT
/in General NewsA threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT.
The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking an expansion of the hacking crew’s
The Hacker News – Read More
Morocco Investigates Social Security Agency Data Leak
/in General NewsA threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum.
darkreading – Read More
Homeland Security Email Tells a US Citizen to ‘Immediately’ Self-Deport
/in General NewsAn email sent by the Department of Homeland Security instructs people in the US on a temporary legal status to leave the country. But who the email actually applies to—and who actually received it—is far from clear.
Security Latest – Read More
China Secretly (and Weirdly) Admits It Hacked US Infrastructure
/in General NewsPlus: The Department of Homeland Security begins surveilling immigrants’ social media, President Donald Trump targets former CISA director who refuted his claims of 2020 election fraud, and more.
Security Latest – Read More
5 warning signs that your phone’s been hacked – and how to fight back
/in General NewsHere are the biggest warning signs that your phone may be compromised and the secret codes that can tell you all about it.
Latest stories for ZDNET in Security – Read More