BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Cyberattack disrupts train ticket sales in Ukraine
/in General NewsUkrzaliznytsia, Ukraine’s state-owned railway operator, has been hit by a cyberattack that disrupted online ticket sales.
Security News | TechCrunch – Read More
Oracle Denies Cloud Breach After Hacker Offers to Sell Data
/in General NewsOracle has denied that Cloud systems have been breached after a hacker claimed to have stolen millions of records.
The post Oracle Denies Cloud Breach After Hacker Offers to Sell Data appeared first on SecurityWeek.
SecurityWeek – Read More
Russian Firm Offers $4 Million for Telegram Exploits
/in General NewsA Russian exploit acquisition firm says it is willing to pay up to $4 million for full-chain exploits targeting the popular messaging service Telegram. The firm, Operation Zero, is known for selling zero-day exploits exclusively to Russian government and private organizations. On March 20, the exploit broker announced on X that it was offering up […]
The post Russian Firm Offers $4 Million for Telegram Exploits appeared first on SecurityWeek.
SecurityWeek – Read More
Webinar Tomorrow: Which Security Testing Approach is Right for You?
/in General NewsUnderstand whether BAS, Automated Penetration Testing, or the combined approach of Adversarial Exposure Validation (AEV) aligns best with your organization’s unique security needs.
The post Webinar Tomorrow: Which Security Testing Approach is Right for You? appeared first on SecurityWeek.
SecurityWeek – Read More
US Lifts Sanctions Against Crypto Mixer Tornado Cash
/in General NewsThe US Department of the Treasury has removed sanctions against the fully decentralized cryptocurrency mixer service Tornado Cash.
The post US Lifts Sanctions Against Crypto Mixer Tornado Cash appeared first on SecurityWeek.
SecurityWeek – Read More
FCC Probes Whether Banned Chinese Telecom Providers Still Operating in US
/in General NewsThe FCC is investigating whether Chinese firms such as Huawei, ZTE and China Telecom are still operating in the US.
The post FCC Probes Whether Banned Chinese Telecom Providers Still Operating in US appeared first on SecurityWeek.
SecurityWeek – Read More
Cloak Ransomware Hits Virginia Attorney General’s Office, Disrupts IT Systems
/in General NewsCloak ransomware group claims attack on Virginia attorney general’s office, demands ransom for stolen data. Investigation underway. Find out the impact and what’s being done.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Medusa Ransomware Uses Malicious Driver to Disable Security Tools
/in General NewsThe Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
The post Medusa Ransomware Uses Malicious Driver to Disable Security Tools appeared first on SecurityWeek.
SecurityWeek – Read More
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
/in General NewsA quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects.
That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the chaos, running ad
The Hacker News – Read More
Arsen Introduces AI-Powered Phishing Tests to Improve Social Engineering Resilience
/in General NewsParis, France, 24th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More