BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
- [webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)
- [remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
Databarracks Launches Air Gap Recover
/in General NewsPost Content
darkreading – Read More
Google’s DMARC Push Pays Off, but Email Security Challenges Remain
/in General NewsA year after Google and Yahoo started requiring DMARC, the adoption rate of the email authentication specification has doubled; and yet, 87% of domains remain unprotected.
darkreading – Read More
HPE begins notifying data breach victims after Russian government hack
/in General NewsHackers with Russian foreign intelligence were blamed for the breach, which also targeted Microsoft.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Cyber Attack Severity Rating System Established in UK
/in General NewsThe U.K.’s new cyberattack rating system ranks incidents from 1 to 5, but experts warn businesses must go beyond awareness and strengthen their defences.
Security | TechRepublic – Read More
7,000 Exposed Ollama APIs Leave DeepSeek AI Models Wide Open to Attack
/in General NewsUpGuard discovers exposed Ollama APIs revealing DeepSeek model adoption globally. See where these AI models are running and the security risks involved.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
How to use Tor to privately browse the web – it’s easier than you think
/in General NewsIf you want the highest level of privacy and security online, you should be using Tor.
Latest stories for ZDNET in Security – Read More
Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System
/in General NewsHospital Sisters Health System says the personal information of 883,000 individuals was compromised in a 2023 crippling cyberattack.
The post Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System appeared first on SecurityWeek.
SecurityWeek – Read More
In Other News: Cybersecurity Salaries, NanoLock Collapse, NSO Transparency Report
/in General NewsNoteworthy stories that might have slipped under the radar: NanoLock Security ceases operations, NSO publishes transparency report, cybersecurity salaries data.
The post In Other News: Cybersecurity Salaries, NanoLock Collapse, NSO Transparency Report appeared first on SecurityWeek.
SecurityWeek – Read More
UK government demands Apple backdoor to encrypted cloud data: report
/in General NewsApple is likely to stop providing its encrypted cloud service to U.K. users
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.
The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution.
“This could
The Hacker News – Read More