BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
The code whisperer: How Anthropic’s Claude is changing the game for software developers
/in General NewsThe software development world is experiencing its biggest transformation since the advent of open-source coding. Artificial intelligence assistants, once viewed with skepticism by professional developers, have become indispensable tools in the $736.96 billion global software development market. One of the products leading this seismic shift is An…Read More
Security News | VentureBeat – Read More
How CISOs Can Communicate With Their Boards Effectively
/in General NewsWith the increased frequency of board reporting, CISOs need to ensure their interactions are brief, productive, and valuable.
darkreading – Read More
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
/in General NewsCybersecurity researchers have found that it’s possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection.
“Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malware, making it harder to detect,” Palo Alto Networks Unit 42 researchers
The Hacker News – Read More
Middle East Cyberwar Rages On, With No End in Sight
/in General NewsSince October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas, reeling in others on a global scale.
darkreading – Read More
Navigating the Cyber Threat Landscape: Lessons Learned & What’s Ahead
/in General NewsA look at the cyber threat landscape of 2024, including major breaches and trends. An expert weighs in on key lessons and what to expect in 2025.
Security | TechRepublic – Read More
Best Patch Management Software (2024): Compare Features & Pricing
/in General NewsPatch management software ensures that known vulnerabilities are patched efficiently to prevent breaches while streamlining IT workflows. Find the best patch management solution for your business.
Security | TechRepublic – Read More
Why Ethereum Will Be a Key Platform for Businesses in the Future
/in General NewsExplore how Ethereum revolutionizes industries with smart contracts, DeFi, NFTs, gaming, DAOs, and sustainability, shaping the future of…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Supply Chain Attack Hits Rspack, Vant npm Packages with Monero Miner
/in General NewsPopular npm packages, Rspack and Vant, were recently compromised with malicious code. Learn about the attack, the impact, and how to protect your projects from similar threats.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Sophos Patches Critical Firewall Vulnerabilities
/in General NewsSophos has released patches for a critical-severity firewall vulnerability that could lead to remote code execution.
The post Sophos Patches Critical Firewall Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
WhatsApp scores historic victory against NSO Group in long-running spyware hacking case
/in General NewsA US judge ruled that the Israeli spyware maker breached hacking laws by using WhatsApp to infect devices with Pegasus
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More