BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Ring’s new generative AI feature is here to answer your ‘who’s there?’ or ‘what was that?’ questions
/in General NewsCalled Video Descriptions, the AI feature generates detailed descriptions of what your Ring camera sees and delivers it in your notifications.
Latest stories for ZDNET in Security – Read More
Ring cameras and doorbells now use AI to provide specific descriptions of motion activity
/in General NewsRing gets a new AI-powered feature that offers users specific text descriptions of current motion activity.
Security News | TechCrunch – Read More
SonicWall Warns of Trojanized NetExtender Stealing User Information
/in General NewsSonicWall says a modified version of the legitimate NetExtender application contains information-stealing code.
The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek.
SecurityWeek – Read More
New Vulnerabilities Expose Millions of Brother Printers to Hacking
/in General NewsRapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors.
The post New Vulnerabilities Expose Millions of Brother Printers to Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
/in General NewsThousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah.
Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation “carried out by Iran and its proxies.”
“The actors
The Hacker News – Read More
Code Execution Vulnerability Patched in GitHub Enterprise Server
/in General NewsA high-severity vulnerability in GitHub Enterprise Server could have allowed remote attackers to execute arbitrary code.
The post Code Execution Vulnerability Patched in GitHub Enterprise Server appeared first on SecurityWeek.
SecurityWeek – Read More
Why Sincerity Is a Strategic Asset in Cybersecurity
/in General NewsStrong security doesn’t just rely on tools—it starts with trust, clarity, and sincerity from the top down.
The post Why Sincerity Is a Strategic Asset in Cybersecurity appeared first on SecurityWeek.
SecurityWeek – Read More
Chrome 138, Firefox 140 Patch Multiple Vulnerabilities
/in General NewsChrome 138 and Firefox 140 are rolling out with fixes for two dozen vulnerabilities, including high-severity memory safety issues.
The post Chrome 138, Firefox 140 Patch Multiple Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
/in General NewsUnknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it.
“NetExtender enables remote users to securely connect and run applications on the company network,” SonicWall researcher Sravan Ganachari said. “Users can upload and download files, access network drives, and use
The Hacker News – Read More
Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People
/in General NewsMainline Health and Select Medical Holdings have suffered data breaches that affect more than 100,000 individuals.
The post Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People appeared first on SecurityWeek.
SecurityWeek – Read More