BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
/in General NewsUsers searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk.
Clipper malware is a type of cryware (as coined by Microsoft) that’s designed to monitor a victim’s clipboard content and facilitate cryptocurrency theft by substituting copied cryptocurrency wallet addresses
The Hacker News – Read More
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
/in General NewsA new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77.
The activity, condemned OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It’s currently not known who is behind the campaign.
The rootkit “has the ability to cloak or mask any file, registry key or task
The Hacker News – Read More
Ransomware attack takes down health system network in Micronesia
/in General NewsOne of the four states that make up the Pacific nation of Micronesia is battling against ransomware hackers who have forced all of the computers used by its government health agency offline.
The Record from Recorded Future News – Read More
AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware
/in General NewsTenable Research reveals that AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware code. While…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
FBI, CISA Raise Alarms As Medusa Ransomware Attacks Grow
/in General NewsMedusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.
darkreading – Read More
OBSCURE#BAT Malware Highlights Risks of API Hooking
/in General NewsResearchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit.
darkreading – Read More
FBI and CISA Urge Enabling 2FA to Counter Medusa Ransomware
/in General NewsFBI and CISA warn of Medusa ransomware attacks impacting critical infrastructure. Learn about Medusa’s tactics, prevention tips, and…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Ransomware Hits Record High: 126% Surge in Attacks in February 2025
/in General NewsFebruary 2025 saw a record 126% surge in ransomware attacks, with Cl0p leading the charge. Hackers exploited file…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Amazon is still hosting stalkerware victims’ data weeks after breach alert
/in General NewsAmazon won’t say if it will stop hosting data from three phone surveillance operations that spilled private data on millions of people.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Unpatched Edimax Camera Flaw Exploited Since at Least May 2024
/in General NewsA recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year.
The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek.
SecurityWeek – Read More