BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Generative AI and privacy are best frenemies – a new study ranks the best and worst offenders
/in General NewsLe Chat and Grok are the most respectful of your privacy. So which ones are the worst offenders?
Latest stories for ZDNET in Security – Read More
SparkKitty Spyware on App Store and Play Store, Steals Photos for Crypto Data
/in General NewsKaspersky uncovers SparkKitty, new spyware in Apple App Store & Google Play. Steals photos, targets crypto info, active since early 2024 via malicious apps.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public
/in General NewsThe United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public.
The new guideline seeks to help officials verify the identity and eligibility of applicants under U.S. law. The U.S. Embassy said every visa application review is a “national security decision.”
“Effective immediately, all individuals applying for an
The Hacker News – Read More
Leak of data belonging to 7.4 million Paraguayans traced back to infostealers
/in General NewsThe leaks to the dark web contain information “about the entire population” of Paraguay, researchers said, and likely originated with malware that infected a government employee device.
The Record from Recorded Future News – Read More
AT&T customer? You might get a cut of $177 million data breach settlement
/in General NewsMillions of customers had their data stolen. Now AT&T is offering compensation.
Latest stories for ZDNET in Security – Read More
Androxgh0st Botnet Expands Reach, Exploiting US University Servers
/in General NewsNew CloudSEK findings show Androxgh0st botnet evolving. Academic institutions, including UC San Diego, hit. Discover how this sophisticated…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
How to get Windows 10 extended security updates for free: 2 options
/in General NewsDon’t want to fork over $30 for a one-year subscription to Windows 10 Extended Security Updates? Microsoft is offering a couple of ways to avoid the fee. But there is a catch.
Latest stories for ZDNET in Security – Read More
Kali Linux 2025.1c Fixes Key Issue, Adds New Tools and Interface Updates
/in General NewsKali Linux 2025.1c includes a new signing key to fix update errors, adds new tools, a redesigned menu with MITRE ATT&CK, and major system upgrades.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue
/in General NewsCybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets.
The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today.
“We developed two techniques by leveraging the mining topologies and pool policies that enable us to reduce a
The Hacker News – Read More
How the US Military Is Redefining Zero Trust
/in General NewsTrust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.
darkreading – Read More