BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Canada says China-linked information campaign spreading false narratives about prime minister
/in General NewsA China-linked information campaign is using a network of WeChat accounts to attack Canadian Prime Minister Mark Carney ahead of the country’s upcoming federal election, authorities said.
The Record from Recorded Future News – Read More
WhatsApp Vulnerability Could Facilitate Remote Code Execution
/in General NewsAn update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users.
The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek.
SecurityWeek – Read More
HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials
/in General NewsHellCat ransomware hits 4 companies by exploiting Jira credentials stolen through infostealer malware, continuing their global attack spree.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Aurascape Banks Hefty $50 Million to Mitigate ‘Shadow AI’ Risks
/in General NewsSilicon Valley startup secures big investment from Menlo Ventures and Mayfield Fund to solve the “shadow AI” security problem.
The post Aurascape Banks Hefty $50 Million to Mitigate ‘Shadow AI’ Risks appeared first on SecurityWeek.
SecurityWeek – Read More
Tailscale Raises $160 Million for Secure Networking Platform
/in General NewsTailscale’s new Series C funding round brings the total raised by the company for its secure networking platform to $275 million.
The post Tailscale Raises $160 Million for Secure Networking Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security
/in General NewsThe new funds will be used to extend Corsha’s reach into critical infrastructure and further improve its own use of AI.
The post Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security appeared first on SecurityWeek.
SecurityWeek – Read More
How to Use a VPN: 4 Easy Steps to Get Started
/in General NewsLearn how to set up and use a VPN with just four easy steps. This step-by-step guide takes you through how you can secure your connection and online data.
Security | TechRepublic – Read More
Android Update Patches Two Exploited Vulnerabilities
/in General NewsAndroid’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs.
The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Online Gaming Risks and How to Avoid Them
/in General NewsOnline gaming has become an integral part of modern entertainment, with millions of players connecting from all over…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
/in General NewsMore than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers.
The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek.
SecurityWeek – Read More