BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
How an Email, Crypto Wallet and YouTube Activity Led the FBI to IntelBroker
/in General NewsFBI tracked IntelBroker as UK’s Kai West using an email address, crypto trails, YouTube activity and forum posts after dozens of high-profile data breaches and darknet activity.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
‘IntelBroker’ Suspect Arrested, Charged in High-Profile Breaches
/in General NewsA British national arrested earlier this year in France was charged by the US Department of Justice in connection with a string of major cyberattacks.
darkreading – Read More
Scam compounds labeled a ‘living nightmare’ as Cambodian government accused of turning a blind eye
/in General NewsAmnesty International said it identified dozens of scam compounds in Cambodia, calling the government’s response to the nexus of cybercrime and human trafficking “grossly inadequate.”
The Record from Recorded Future News – Read More
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
/in General NewsCybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk.
“This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control
The Hacker News – Read More
Homeland Security warns of Iran-backed cyberattacks targeting US networks
/in General NewsDHS said low-level cyberattacks targeting U.S. networks are “likely” in the wake of military conflict between the US and Israel, and Iran.
Security News | TechCrunch – Read More
Bipartisan Bill Aims to Block Chinese AI From Federal Agencies
/in General NewsThe proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts.
The post Bipartisan Bill Aims to Block Chinese AI From Federal Agencies appeared first on SecurityWeek.
SecurityWeek – Read More
US, French authorities confirm arrest of BreachForums hackers
/in General NewsKai West was arrested in France, along with four other hackers, all suspected of being part of the well-known hacking forum, BreachForums.
Security News | TechCrunch – Read More
Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown
/in General NewsIt’s been almost a year since CrowdStrike crashed Windows PCs and disrupted businesses worldwide. New changes to the Windows security architecture will make those outages less likely and easier to recover from.
Latest stories for ZDNET in Security – Read More
Flowable Named in the latest Gartner® Market Guide for BPA Tools
/in General NewsZURICH, Switzerland – Zurich-based automation platform Flowable has been recognized as a Representative Vendor in the Gartner newly released…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
How Geopolitical Tensions Are Shaping Cyber Warfare
/in General NewsIn today’s cyber battlefield, resilience starts with readiness, and the cost of falling short increases by the day.
darkreading – Read More