BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
DeepSeek Phishing Sites Pursue User Data, Crypto Wallets
/in General NewsRiding the wave of notoriety from the Chinese company’s R1 AT chatbot, attackers are spinning up lookalike sites for different malicious use cases.
darkreading – Read More
House Lawmakers Push to Ban AI App DeepSeek From US Government Devices
/in General NewsA bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.
The post House Lawmakers Push to Ban AI App DeepSeek From US Government Devices appeared first on SecurityWeek.
SecurityWeek – Read More
1,000 Apps Used in Malicious Campaign Targeting Android Users in India
/in General NewsZimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.
The post 1,000 Apps Used in Malicious Campaign Targeting Android Users in India appeared first on SecurityWeek.
SecurityWeek – Read More
Spyware maker Paragon terminates contract with Italian government: media reports
/in General NewsFollowing allegations of potential abuse, Paragon Solutions has cut off Italy from its spyware systems.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Russia uses messaging apps to recruit terrorists, Ukraine’s police says
/in General NewsRussian intelligence services are using messaging apps and online forums to recruit Ukrainian citizens for terrorist attacks, promising quick payoffs, according to Ukraine’s law enforcement.
The Record from Recorded Future News – Read More
DeepSeek-R1 LLM Fails Over Half of Jailbreak Attacks in Security Analysis
/in General NewsDeepSeek-R1 LLM fails 58% of jailbreak attacks in Qualys security analysis. Learn about the vulnerabilities, compliance concerns, and risks for enterprise adoption.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Ransomware Payments Decreased by 35% in 2024, Research Finds
/in General NewsRansomware payments dropped 35% in 2024 due to law enforcement crackdowns and stronger cyber defenses, forcing attackers to adapt with new tactics.
Security | TechRepublic – Read More
Grubhub breach exposed customer data. Should you be worried?
/in General NewsHere’s what happened, what Grubhub has done about it, and what you should do too.
Latest stories for ZDNET in Security – Read More
The Cyber Savanna: A Rigged Race You Can’t Win, but Must Run Anyway
/in General NewsWhen it comes to protecting your company from cyberattacks, you don’t have to be the fastest gazelle — you just can’t afford to be the slowest.
darkreading – Read More
Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security
/in General NewsAstra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions.
The post Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security appeared first on SecurityWeek.
SecurityWeek – Read More