BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Trump nominates Sean Plankey to run top US cyber agency
/in General NewsSean Plankey, who served in cybersecurity roles in the first Trump administration, has been officially nominated to run the Cybersecurity and Infrastructure Security Agency (CISA), according to posting of nominations.
The Record from Recorded Future News – Read More
What Really Happened With the DDoS Attacks That Took Down X
/in General NewsElon Musk said a “massive cyberattack” disrupted X on Monday and pointed to “IP addresses originating in the Ukraine area” as the source of the attack. Security experts say that’s not how it works.
Security Latest – Read More
Edimax Says No Patches Coming for Zero-Day Exploited by Botnets
/in General NewsEdimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago.
The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek.
SecurityWeek – Read More
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
/in General NewsUnpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
“The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with
The Hacker News – Read More
SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver
/in General NewsSAP released 21 new security notes and updated three security notes on March 2025 security patch day.
The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek.
SecurityWeek – Read More
Sola Security Deposits Hefty $30M Seed Funding
/in General NewsThe financing was provided by S Capital and investor Mike Moritz, S32, Glilot Capital Partners, and several angel investors.
The post Sola Security Deposits Hefty $30M Seed Funding appeared first on SecurityWeek.
SecurityWeek – Read More
1,600 Victims Hit by South American APT’s Malware
/in General NewsSouth American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.
The post 1,600 Victims Hit by South American APT’s Malware appeared first on SecurityWeek.
SecurityWeek – Read More
How to Use NordPass: A Step-by-Step Guide
/in General NewsLearn how to set up and use NordPass to store and manage your passwords with this step-by-step guide.
Security | TechRepublic – Read More
Some say passkeys are clunky — this startup wants to change that
/in General NewsHawcx, backed by Engineering Capital, aims to solve passkeys’ adoption challenge with its new tech.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
/in General NewsMaritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder.
The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates, and Vietnam. Other targets of interest include nuclear power plants and nuclear energy
The Hacker News – Read More