BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
SentinelOne Reports Services Are Back Online After Global Outage
/in General NewsThe outage reportedly hit 10 commercial customer consoles for SentinelOne’s Singularity platform, including Singularity Endpoint, XDR, Cloud Security, Identity, Data Lake, RemoteOps, and more.
darkreading – Read More
ConnectWise says nation-state attack targeted multiple ScreenConnect customers
/in General NewsThe company said it “recently learned of suspicious activity” within its environment that it believes “was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers.”
The Record from Recorded Future News – Read More
A Swedish MMA Tournament Spotlights the Trump Administration’s Handling of Far-Right Terrorism
/in General NewsA member of a California-based fight club seems to have attended an event hosted by groups with ties to an organization the US government labeled a terrorist group. Will the Trump administration care?
Security Latest – Read More
PumaBot Targets Linux Devices in Latest Botnet Campaign
/in General NewsWhile the botnet may not be completely automated, it uses certain tactics when targeting devices that indicate that it may, at the very least, be semiautomated.
darkreading – Read More
Fake ChatGPT and InVideo AI Downloads Deliver Ransomware
/in General NewsCisco Talos uncovers CyberLock ransomware, Lucky_Gh0$t, and Numero malware masquerading as legitimate software and AI tool installers. Learn…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
US government sanctions tech company involved in cyber scams
/in General NewsThe Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams.
Security News | TechCrunch – Read More
Southeast Asian provider of ‘infrastructure laundering’ for scams is sanctioned by US
/in General NewsFunnull Technology supports “hundreds of thousands of websites” dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Department’s Office of Foreign Assets Control.
The Record from Recorded Future News – Read More
Unbound Raises $4 Million to Secure Gen-AI Adoption
/in General NewsSecurity startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly.
The post Unbound Raises $4 Million to Secure Gen-AI Adoption appeared first on SecurityWeek.
SecurityWeek – Read More
Your Asus router may be compromised – here’s how to tell and what to do
/in General NewsCybercriminals have hacked into thousands of Asus routers, possibly as a prelude to a widescale botnet attack, says a security firm.
Latest stories for ZDNET in Security – Read More
A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding
/in General NewsReflecting on 10 years since its launch, the honeypot maker explains why the company did not take on any VC funding.
Security News | TechCrunch – Read More