BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10
- Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
Exploit DB
- [local] Microsoft Windows 11 - Kernel Privilege Escalation
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [webapps] WordPress Core 6.2 - Directory Traversal
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
Ethical Zero Day Marketplace Desired Effect Emerges From Stealth
/in General NewsDesired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers.
The post Ethical Zero Day Marketplace Desired Effect Emerges From Stealth appeared first on SecurityWeek.
SecurityWeek – Read More
Endor Labs Raises $93 Million for AppSec Platform
/in General NewsEndor Labs has raised $93 million in a Series B funding round and announced a major expansion of its AppSec platform.
The post Endor Labs Raises $93 Million for AppSec Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Blue Shield of California shared the private health data of millions with Google for years
/in General NewsThe health insurance giant is notifying at least 4.7 million patients of the security lapse.
Security News | TechCrunch – Read More
The Foundations of a Resilient Cyber Workforce
/in General NewsIn a world where insider threats, nation-state adversaries, and technological evolution create new challenges, companies must prioritize transparency, ethical leadership, and a culture rooted in trust.
darkreading – Read More
Microsoft just launched powerful AI ‘agents’ that could completely transform your workday — and challenge Google’s workplace dominance
/in General NewsMicrosoft unveils new AI reasoning agents and Copilot features to transform workplace productivity, with Chief Product Officer Aparna Chennapragada sharing exclusive insights on the company’s vision for human-agent collaboration.Read More
Security News | VentureBeat – Read More
Endor Labs, which builds tools to scan AI-generated code for vulnerabilities, lands $93M
/in General NewsAI-generated code is no doubt changing how software is built, but it’s also introducing new security challenges. More than 50% of organizations encounter security issues with AI-produced code sometimes or frequently, according to a late 2023 survey by developer security platform Synk. For Endor Labs, that opportunity proved alluring enough that it chose to change […]
Security News | TechCrunch – Read More
Files Deleted From GitHub Repos Leak Valuable Secrets
/in General NewsA security researcher has discovered hundreds of leaked secrets by restoring files deleted from GitHub repositories.
The post Files Deleted From GitHub Repos Leak Valuable Secrets appeared first on SecurityWeek.
SecurityWeek – Read More
Cynomi cinches $37M for its AI-based ‘virtual CISO’ for SMB cybersecurity
/in General NewsSmall and medium businesses are the newest targets for cybersecurity attacks, with 1 in 3 breached last year. SMBs are becoming more proactive in detecting and stopping these threats, and today a startup called Cynomi is announcing $37 million in funding to meet that demand. Insight Partners and Entrée Capital are co-leading the round, with previous backers […]
Security News | TechCrunch – Read More
Miggo Security Banks $17M Series A for ADR Technology
/in General NewsIsraeli runtime application security startups closes a $17 million Series A round led by Florida‑based SYN Ventures and YL Ventures.
The post Miggo Security Banks $17M Series A for ADR Technology appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Surge Hits US Healthcare: AOA, DaVita and Bell Ambulance Breached
/in General NewsAOA, DaVita, and Bell Ambulance hit by ransomware in 2025. Over 245K affected as hackers steal patient data,…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More