BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
New OBSCURE#BAT Malware Targets Users with Fake Captchas
/in General NewsOBSCURE#BAT malware campaign exploits social engineering & fake software downloads to evade detection, steal data and persist on…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
DeepSeek’s Malware-Generation Capabilities Put to Test
/in General NewsResearchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers.
The post DeepSeek’s Malware-Generation Capabilities Put to Test appeared first on SecurityWeek.
SecurityWeek – Read More
North Korean Hackers Distributed Android Spyware via Google Play
/in General NewsThe North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.
The post North Korean Hackers Distributed Android Spyware via Google Play appeared first on SecurityWeek.
SecurityWeek – Read More
Webinar on Demand: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks
/in General NewsHow hyper agenda-driven threat actors, cybercriminals, and nation-states integrate digital, narrative, and physical attacks to target organizations through their executives.
The post Webinar on Demand: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
QuamCore Emerges From Stealth With $9 Million to Build a Quantum Computer
/in General NewsQuamCore’s secret sauce is a patented architecture that will allow the integration of 1 million qubits in a single cryostat.
The post QuamCore Emerges From Stealth With $9 Million to Build a Quantum Computer appeared first on SecurityWeek.
SecurityWeek – Read More
Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution
/in General NewsOrganizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM.
The post Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution appeared first on SecurityWeek.
SecurityWeek – Read More
INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats
/in General NewsCary, North Carolina, 13th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge
/in General NewsEmployees at the Cybersecurity and Infrastructure Security Agency tell WIRED they’re struggling to protect the US while the administration dismisses their colleagues and poisons their partnerships.
Security Latest – Read More
How to set up Bitwarden for personal and work use – and why you should keep them separate
/in General NewsDon’t let work invade your personal life. Separate your passwords with two Bitwarden accounts for better security and peace of mind.
Latest stories for ZDNET in Security – Read More
OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack
/in General NewsResearchers from Symantec showed how OpenAI’s Operator agent, currently in research preview, can be used to construct a basic phishing attack from start to finish.
darkreading – Read More