BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- VulnKnox - A Go-based Wrapper For The KNOXSS API To Automate XSS Vulnerability Testing
- Camtruder - Advanced RTSP Camera Discovery and Vulnerability Assessment Tool
- Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit
- PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More
- Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10
- Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
Exploit DB
- [local] Microsoft Windows 11 - Kernel Privilege Escalation
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [webapps] WordPress Core 6.2 - Directory Traversal
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
Sam Altman at TED 2025: Inside the most uncomfortable — and important — AI interview of the year
/in General NewsAt TED 2025, OpenAI CEO Sam Altman faced tough questions on AI ethics, artist compensation, and the risks of autonomous agents in a tense interview with TED’s Chris Anderson, revealing new details about OpenAI’s explosive growth and future plans.Read More
Security News | VentureBeat – Read More
Operation BULUT: Encrypted Chats from Sky ECC, ANOM Lead to 232 Arrests
/in General NewsIntelligence from encrypted platforms like Sky ECC and ANOM has led to the arrest of 232 individuals and…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
For security, Android phones will now auto-reboot after three days
/in General NewsThe update comes months after Apple pushed its own “inactivity reboot” feature.
Security News | TechCrunch – Read More
Gartner’s 12 Emerging Tech Disruptors & Why ‘Technology Leaders Must Take Action Now’
/in General NewsA Gartner distinguished VP analyst offers TechRepublic readers advice about which early-stage technologies that will define the future of business systems to prioritize.
Security | TechRepublic – Read More
Virtue AI Attracts $30M Investment to Address Critical AI Deployment Risks
/in General NewsSan Francisco startup banks $30 million in Seed and Series A funding led by Lightspeed Venture Partners and Walden Catalyst Ventures.
The post Virtue AI Attracts $30M Investment to Address Critical AI Deployment Risks appeared first on SecurityWeek.
SecurityWeek – Read More
Suspected 4chan Hack Could Expose Longtime, Anonymous Admins
/in General NewsThough the exact details of the situation have not been confirmed, community infighting seems to have spilled out in a breach of the notorious image board.
Security Latest – Read More
4chan Breached? Hacker from Rival Soyjak Forum Claims Source Code Leak
/in General News4chan is down amid claims from a rival Soyjak forum user who says they’ve breached the site and…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
China accuses NSA of launching cyberattacks on Asian Winter Games
/in General NewsChina on Tuesday accused three alleged employees of the U.S. National Security Agency of carrying out cyberattacks on the Asian Winter Games in February.
The Record from Recorded Future News – Read More
Hertz Falls Victim to Cleo Zero-Day Attacks
/in General NewsCustomer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.
darkreading – Read More
Fake PDFCandy Websites Spread Malware via Google Ads
/in General NewsCloudSEK uncovers a sophisticated malware campaign where attackers impersonate PDFCandy.com to distribute the ArechClient2 information stealer. Learn how…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More