BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it
/in General NewsIn an interview with Recorded Future News, Deibert explained the technical aspects of the Citizen Lab’s methods and how spyware companies continue to evolve to evade detection.
The Record from Recorded Future News – Read More
Virtual Event Today: Supply Chain & Third-Party Risk Security Summit
/in General NewsJoin the virtual event as we explore of the critical nature of software and vendor supply chain security issues.
The post Virtual Event Today: Supply Chain & Third-Party Risk Security Summit appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Hacking Group MirrorFace Targeting Europe
/in General NewsChinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.
The post Chinese Hacking Group MirrorFace Targeting Europe appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Hide VenomRAT Malware Inside Virtual Hard Disk Image File
/in General NewsHackers are using .VHD files to spread VenomRAT malware, bypassing security software, reveals Forcepoint X-Labs. Learn how this stealthy attack works and how to protect yourself.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Linux Foundation’s trust scorecards aim to battle rising open-source security threats
/in General NewsHow do you tell the difference between trustworthy open-source developers and hackers? Here’s one idea.
Latest stories for ZDNET in Security – Read More
SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats
/in General NewsAustin, TX, United States, 19th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Scareware Combined With Phishing in Attacks Targeting macOS Users
/in General NewsA long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
The post Scareware Combined With Phishing in Attacks Targeting macOS Users appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers name several countries as potential Paragon spyware customers
/in General NewsThe Citizen Lab said it believes several governments may be customers of spyware maker Paragon Solutions.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
/in General NewsIdentity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small
The Hacker News – Read More
Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?
/in General NewsTop 10 Passwords hackers use to breach RDP revealed! Weak credentials cause successful cyberattacks- check if yours is on the list and secure your system now.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More