BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Microsoft Warns of New StilachiRAT Malware
/in General NewsMicrosoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft.
The post Microsoft Warns of New StilachiRAT Malware appeared first on SecurityWeek.
SecurityWeek – Read More
Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems
/in General NewsCybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could allow malicious actors to take control of susceptible systems.
“These vulnerabilities, if exploited, could grant unauthorized access to industrial control networks, potentially
The Hacker News – Read More
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.
The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote
The Hacker News – Read More
Knocknoc Raises Seed Funding to Scale Its Just-In-Time Network Access Control Technology
/in General NewsSydney, Australia, 19th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Nvidia’s GTC 2025 keynote: 40x AI performance leap, open-source ‘Dynamo’, and a walking Star Wars-inspired ‘Blue’ robot
/in General NewsNvidia CEO Jensen Huang unveils 40x faster Blackwell platform, Vera Rubin roadmap through 2027, open-source Dynamo software, humanoid robotics AI, and GM partnership at GTC 2025, positioning the company to counter DeepSeek’s efficiency challenge.Read More
Security News | VentureBeat – Read More
Knostic Nabs $11M to Eliminate Enterprise AI Data Leaks
/in General NewsPost Content
darkreading – Read More
Google Acquires Wiz for Record $32 Billion
/in General News$32B Wiz acquisition: Google ramps up cloud security. Following Mandiant, this deal signals major GCP defense upgrade.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Fujifilm Signs Strategic Collaboration Agreement With Amazon Web Services
/in General NewsPost Content
darkreading – Read More
Automox Demonstrates IT and Security Impact With Launch of Precision Analytics
/in General NewsPost Content
darkreading – Read More
Wireless Airspace Defense Firm Bastille Reveals Top Threats of 2025
/in General NewsPost Content
darkreading – Read More