BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
75 million deepfakes blocked: Persona leads the corporate fight against hiring fraud
/in General NewsPersona blocks 75 million fake job candidates as AI hiring fraud explodes across corporate America, forcing companies to deploy advanced identity verification tools to combat deepfake infiltration.Read More
Security News | VentureBeat – Read More
2 clever ways Android 16 guards your security – but you need to enable them
/in General NewsOnce you turn on these new Android 16 security features, your information and phone will be better protected against harm.
Latest stories for ZDNET in Security – Read More
US bans WhatsApp from House of Representatives staff devices
/in General NewsThe U.S. government has banned WhatsApp from devices used by U.S. House of Representatives staff, saying the app poses potential security risks.
Security News | TechCrunch – Read More
Prometei Botnet Activity Spikes
/in General NewsPalo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet.
The post Prometei Botnet Activity Spikes appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network
/in General NewsMisconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments.
“Attackers are exploiting misconfigured Docker APIs to gain access to containerized environments, then using Tor to mask their activities while deploying crypto miners,” Trend Micro researchers Sunil Bharti and Shubham Singh said in an
The Hacker News – Read More
Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives
/in General NewsThe future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk.
The post Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives appeared first on SecurityWeek.
SecurityWeek – Read More
Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play
/in General NewsNewly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices.
The post Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
/in General NewsThe U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns.
The development was first reported by Axios.
The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app’s security.
“The Office of Cybersecurity has deemed WhatsApp a high-risk to users
The Hacker News – Read More
Chinese APT Hacking Routers to Build Espionage Infrastructure
/in General NewsA Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure.
The post Chinese APT Hacking Routers to Build Espionage Infrastructure appeared first on SecurityWeek.
SecurityWeek – Read More
Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams
/in General NewsTech support scammers are using sponsored ads and search parameter injection to trick users into calling them.
The post Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams appeared first on SecurityWeek.
SecurityWeek – Read More