BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Hunters International Ransomware Gang Rebranding, Shifting Focus
/in General NewsThe notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion.
The post Hunters International Ransomware Gang Rebranding, Shifting Focus appeared first on SecurityWeek.
SecurityWeek – Read More
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
/in General NewsCybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Cybersecurity M&A Roundup: 23 Deals Announced in March 2025
/in General NewsLess than two dozen cybersecurity merger and acquisition (M&A) deals were announced in March 2025.
The post Cybersecurity M&A Roundup: 23 Deals Announced in March 2025 appeared first on SecurityWeek.
SecurityWeek – Read More
Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability
/in General NewsTwo CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’.
The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
39 Million Secrets Leaked on GitHub in 2024
/in General NewsGitHub has announced new capabilities to help organizations and developers keep secrets in their code protected.
The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
Want AI to work for your business? Then privacy needs to come first
/in General NewsCisco’s latest study reveals how strong privacy practices are becoming a competitive advantage for businesses adopting AI – and why companies are shifting budgets to keep up.
Latest stories for ZDNET in Security – Read More
Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks
/in General NewsCisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email.
The post Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent
/in General NewsCybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval.
The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by
The Hacker News – Read More
Google Released Second Fix for Quick Share Flaws After Patch Bypass
/in General NewsGoogle’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed.
The post Google Released Second Fix for Quick Share Flaws After Patch Bypass appeared first on SecurityWeek.
SecurityWeek – Read More
The big VPN choice: System-wide or just in the browser? How to decide
/in General NewsVPNs are a must for privacy, but should you protect your whole system or just use a VPN in your browser? Here’s the difference and how to decide which option is best for you.
Latest stories for ZDNET in Security – Read More