BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
- Pulsegram - Integrated Keylogger With Telegram
- Scrapling - An Undetectable, Powerful, Flexible, High-Performance Python Library That Makes Web Scraping Simple And Easy Again!
- VulnKnox - A Go-based Wrapper For The KNOXSS API To Automate XSS Vulnerability Testing
- Camtruder - Advanced RTSP Camera Discovery and Vulnerability Assessment Tool
- Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit
- PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More
- Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10
- Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
- Bytesrevealer - Online Reverse Enginerring Viewer
Exploit DB
- [local] unzip-stream 0.3.1 - Arbitrary File Write
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [webapps] WordPress Core 6.2 - Directory Traversal
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [local] Microsoft Windows 11 - Kernel Privilege Escalation
- [remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
Japanese global logistics company confirms ransomware attack
/in General NewsTokyo-based Kintetsu World Express, which specializes in freight forwarding, said a ransomware attack had disrupted some systems.
The Record from Recorded Future News – Read More
Structify raises $4.1M seed to turn unstructured web data into enterprise-ready datasets
/in General NewsBrooklyn-based Structify emerges from stealth with $4.1 million in seed funding to transform how businesses prepare data for AI, promising to save data scientists from the task that consumes 80% of their time.Read More
Security News | VentureBeat – Read More
The FBI’s Brett Leatherman gives the latest ‘Typhoon’ forecast
/in General NewsRecorded Future News sat down with the deputy assistant director of the FBI’s cyber division at the RSA Conference to talk about the latest updates in countering China-linked hackers.
The Record from Recorded Future News – Read More
RSA Conference 2025 Announcement Summary (Day 2)
/in General NewsHundreds of companies are showcasing their products and services this week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 Announcement Summary (Day 2) appeared first on SecurityWeek.
SecurityWeek – Read More
China Hackers Used Trojanized UyghurEditPP App to Target Uyghur Activists
/in General NewsChina-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
/in General NewsCybersecurity researchers have revealed that RansomHub’s online infrastructure has “inexplicably” gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation.
Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that “disclosures on its DLS [data leak site] have doubled since
The Hacker News – Read More
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About
/in General NewsEveryone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this:
“The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen
The Hacker News – Read More
Meta Releases Llama AI Open Source Protection Tools
/in General NewsMeta has released new Llama protection tools to help the open source AI community build more secure applications.
The post Meta Releases Llama AI Open Source Protection Tools appeared first on SecurityWeek.
SecurityWeek – Read More
France Blames Russia for Cyberattacks on Dozen Entities
/in General NewsFrance says the Russian state-sponsored group APT28 is responsible for targeting or compromising a dozen French entities.
The post France Blames Russia for Cyberattacks on Dozen Entities appeared first on SecurityWeek.
SecurityWeek – Read More
Link11 brings three brands together on one platform with new branding
/in General NewsFrankfurt am Main, Germany, 30th April 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More