BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea
/in General NewsA phishing attack dubbed DEEP#DRIVE is targeting South Korean entities, with thousands already affected. North Korean hackers from…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
This Security Firm’s ‘Bias’ Is Also Its Superpower
/in General NewsCredible Security’s founders bring their varied experiences to help growing companies turn trust into a strategic advantage.
darkreading – Read More
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
/in General NewsThe North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers.
The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that’s associated with a profile named ”
The Hacker News – Read More
Meta confirms ‘Project Waterworth,’ a global subsea cable project spanning 50,000km
/in General NewsBack in November, we broke the news that Meta — owner of Facebook, Instagram and WhatsApp, with billions of users accounting for 10% of all fixed and 22% of all mobile traffic — was close to announcing work on a major new, $10 billion+ subsea cable project to connect up the globe. The aim was […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Pennsylvania utility says MOVEit breach at vendor exposed some customer data
/in General NewsA Pennsylvania utility company says that basic customer data stolen from one of its vendors in 2023 was recently exposed online, but the incident did not affect its core systems.
The Record from Recorded Future News – Read More
Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems
/in General NewsThe chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of is computer systems were offline.
The post Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems appeared first on SecurityWeek.
SecurityWeek – Read More
Scammers Exploit JFK Files Release with Malware and Phishing
/in General NewsVeriti Research reported a developing cyber threat campaign centred around the declassification and release of the RFK, MLK…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Sean Cairncross is Trump Nominee for National Cyber Director
/in General NewsFormer RNC official Sean Cairncross has been nominated for the post of National Cyber Director to streamline the US cybersecurity strategy.
The post Sean Cairncross is Trump Nominee for National Cyber Director appeared first on SecurityWeek.
SecurityWeek – Read More
Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities
/in General NewsCompanies pursing internal AI development using models from Hugging Face and other open source repositories need to focus on supply chain security and checking for vulnerabilities.
darkreading – Read More
How Banks Can Adapt to the Rising Threat of Financial Crime
/in General NewsBanking fraud and financial crimes are growing more sophisticated every day. By understanding the threats and building strong collaborations, banks can protect themselves and their clients.
darkreading – Read More