BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
DeepSeek Exposes Major Cybersecurity Blind Spot
/in General NewsMillions of uninformed users have flocked to DeepSeek and share personal information without considering security or privacy risks.
The post DeepSeek Exposes Major Cybersecurity Blind Spot appeared first on SecurityWeek.
SecurityWeek – Read More
Munich Cyber Security and Security Conferences 2025 [Live Updates]
/in General NewsLive updates from the Munich Security and Cyber Security Conference from reporters Alexander Martin, Daryna Antoniuk and Dina Temple-Raston.
The Record from Recorded Future News – Read More
How Public & Private Sectors Can Better Align Cyber Defense
/in General NewsWith investment in cybersecurity capabilities and proactive measures to address emerging challenges, we can work together to navigate the complexities of combating cybercrime.
darkreading – Read More
Astaroth Phishing Kit Bypasses 2FA to Hijack Gmail and Microsoft Accounts
/in General NewsNew Astaroth Phishing Kit bypasses 2FA (two-factor authentication) to steal Gmail, Yahoo and Microsoft login credentials using a…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job
/in General NewsA toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual.
The post Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job appeared first on SecurityWeek.
SecurityWeek – Read More
CyberArk snaps up Zilla Security for up to $175M
/in General NewsIdentity security company CyberArk has acquired identity governance and administration (IGA) platform Zilla Security in a deal worth up to $175 million. The transaction consists of a $165 million cash portion and an additional $10 million “earn-out” which is payable upon meeting certain milestones — it can be seen as an incentive for the founders […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Sophos lays off 6% of workforce following Secureworks acquisition
/in General NewsThe layoffs come soon after Sophos completed its $859 million acquisition of Secureworks.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now!
/in General NewsSuper-admin access vulnerability discovered in FortiOS Security Fabric. Exploitation could lead to widespread network breaches. Update now. Fortinet has…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024
/in General NewsAn analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.
The post SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
Palo Alto Networks Patches Potentially Serious Firewall Vulnerability
/in General NewsPalo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.
The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More