BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Leak of data belonging to 7.4 million Paraguayans traced back to infostealers
/in General NewsThe leaks to the dark web contain information “about the entire population” of Paraguay, researchers said, and likely originated with malware that infected a government employee device.
The Record from Recorded Future News – Read More
AT&T customer? You might get a cut of $177 million data breach settlement
/in General NewsMillions of customers had their data stolen. Now AT&T is offering compensation.
Latest stories for ZDNET in Security – Read More
Androxgh0st Botnet Expands Reach, Exploiting US University Servers
/in General NewsNew CloudSEK findings show Androxgh0st botnet evolving. Academic institutions, including UC San Diego, hit. Discover how this sophisticated…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
How to get Windows 10 extended security updates for free: 2 options
/in General NewsDon’t want to fork over $30 for a one-year subscription to Windows 10 Extended Security Updates? Microsoft is offering a couple of ways to avoid the fee. But there is a catch.
Latest stories for ZDNET in Security – Read More
Kali Linux 2025.1c Fixes Key Issue, Adds New Tools and Interface Updates
/in General NewsKali Linux 2025.1c includes a new signing key to fix update errors, adds new tools, a redesigned menu with MITRE ATT&CK, and major system upgrades.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue
/in General NewsCybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets.
The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today.
“We developed two techniques by leveraging the mining topologies and pool policies that enable us to reduce a
The Hacker News – Read More
How the US Military Is Redefining Zero Trust
/in General NewsTrust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.
darkreading – Read More
How CISOs became the gatekeepers of $309B AI infrastructure spending
/in General NewsSecurity vendors race to control $309B AI infrastructure market. How AgenticOps, eBPF and silicon-speed security will determine the winners.Read More
Security News | VentureBeat – Read More
Russia releases REvil members after convictions for payment card fraud
/in General NewsFour convicted members of the REvil cybercrime gang were released from custody after being sentenced in St. Petersburg for offenses related to payment card fraud.
The Record from Recorded Future News – Read More
Want a free VPN? How to use ProtonVPN on Android without having to pay
/in General NewsThe best part is you don’t need to sign in or even create a ProtonVPN account. Here’s how.
Latest stories for ZDNET in Security – Read More