BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
CYREBRO Recognized in Gartner Emerging Tech Report for Detection and Response Startups
/in General NewsRamat Gan, Israel, 25th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Security teams can respond 80% faster to events with Cyberhaven’s AI-powered data lineage tools
/in General NewsThe security platform built specific large lineage models (LLiMs) to track data lifecycles across users and endpoints and detect shadow AI.Read More
Security News | VentureBeat – Read More
Chinese APT Weaver Ant Targeting Telecom Providers in Asia
/in General NewsWeaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.
The post Chinese APT Weaver Ant Targeting Telecom Providers in Asia appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs
/in General NewsThreats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort.
The post Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs appeared first on SecurityWeek.
SecurityWeek – Read More
Medusa Ransomware Disables Anti-Malware Tools with Stolen Certificates
/in General NewsCybercriminals exploit AbyssWorker driver to disable EDR systems, deploying MEDUSA ransomware with revoked certificates for stealthy attacks.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking
/in General NewsCritical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.
The post IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Hacker Conversations: Frank Trezza – From Phreaker to Pentester
/in General NewsFrank Trezza is fairly typical of most hackers. Early pranks sometimes leading to something more serious.
The post Hacker Conversations: Frank Trezza – From Phreaker to Pentester appeared first on SecurityWeek.
SecurityWeek – Read More
300 Arrested in Crackdown on Cybercrime Rings in Africa
/in General NewsAuthorities in seven African countries arrested 300 suspects in an international crackdown on cybercriminal networks targeting businesses.
The post 300 Arrested in Crackdown on Cybercrime Rings in Africa appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
/in General NewsCybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft’s .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users.
“These threats disguise themselves as legitimate apps, targeting users to steal sensitive information,” McAfee Labs researcher Dexter Shin said.
.NET
The Hacker News – Read More
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
/in General NewsLaw enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025.
The coordinated effort “aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses,” INTERPOL said, adding it
The Hacker News – Read More