BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
/in General NewsThe China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a “global espionage campaign” that took place in 2022 targeting seven organizations.
These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place
The Hacker News – Read More
Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley
/in General NewsThe FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.
The post Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley appeared first on SecurityWeek.
SecurityWeek – Read More
Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos
/in General NewsFormer NFL and University of Michigan assistant football coach Matt Weiss hacked into the computer accounts of thousands of college athletes seeking intimate photos and videos.
The post Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos appeared first on SecurityWeek.
SecurityWeek – Read More
How to Avoid US-Based Digital Services—and Why You Might Want To
/in General NewsAmid growing concerns over Big Tech firms aligning with Trump administration policies, people are starting to move their digital lives to services based overseas. Here’s what you need to know.
Security Latest – Read More
Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover
/in General NewsThe Hellcat ransomware group claims to have stolen tens of gigabytes of data from Ascom and Jaguar Land Rover.
The post Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover appeared first on SecurityWeek.
SecurityWeek – Read More
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
/in General NewsTwo now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.
The two critical-rated vulnerabilities in question are listed below –
CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an
The Hacker News – Read More
Where Is Computer Vision Essential Today? Insights from Alltegrio’s CEO
/in General NewsToday, we are discussing Computer Vision applications, one of the most impactful AI-powered technologies that is reshaping our…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges
/in General NewsFederal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting information about “female college athletes.”
The Record from Recorded Future News – Read More
Federal judge blocks DOGE’s access to Social Security Administration’s banks of personal information
/in General NewsThe order accused DOGE of engaging in a “fishing expedition” at the federal agency.
© 2025 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
North Korea launches new unit with a focus on AI hacking, per report
/in General NewsNorth Korea is reportedly launching a new cybersecurity unit called Research Center 227 within its intelligence agency Reconnaissance General Bureau (RGB).
© 2025 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More