BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
/in General NewsOperation Endgame takes down DanaBot malware network; 300 servers neutralized, €21.2M in crypto seized, 16 charged, 20 international warrants.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Most AI chatbots devour your user data – these are the worst offenders
/in General NewsThe greediest AI of all gobbles up 90% of user data types – far more than most. Take a wild guess which one it is.
Latest stories for ZDNET in Security – Read More
Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more
/in General NewsThe file was unencrypted. No password protection. No security. Just a plain text file with millions of sensitive pieces of data.
Latest stories for ZDNET in Security – Read More
US, Europol arrest 270 dark web drug traffickers in Operation RapTor
/in General NewsU.S. and EU law enforcement seized more than $200 million and 144 kilograms of fentanyl or fentanyl-laced narcotics alongside 180 firearms as part of the international effort.
The Record from Recorded Future News – Read More
At TechCrunch Sessions: AI, Artemis Seaford and Ion Stoica confront the ethical crisis — when AI crosses the line
/in General NewsAs generative AI becomes faster, cheaper, and more convincing, the ethical stakes are no longer theoretical. What happens when the tools to deceive become widely accessible? And how do we build systems that are powerful — but safe enough to trust? At TechCrunch Sessions: AI, taking place June 5 at UC Berkeley’s Zellerbach Hall, Artemis […]
Security News | TechCrunch – Read More
Oversharing online? 5 ways it makes you an easy target for cybercriminals
/in General NewsHere’s why scammers and other malicious actors love when you share details about your life on social media.
Latest stories for ZDNET in Security – Read More
Rethinking Data Privacy in the Age of Generative AI
/in General NewsThe key to navigating this new GenAI landscape is a balanced approach — one that fosters transparency, strengthens regulatory frameworks, and embraces privacy-enhancing technologies.
darkreading – Read More
Companies Look to AI to Tame the Chaos of Event Security, Operations
/in General NewsAs the summer event season kicks off, venue managers and security firms aim to make AI part of the solution for keeping control of crowds and protecting against cyber-physical threats.
darkreading – Read More
ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
/in General NewsCybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network.
The threat actor has been observed exploiting a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers (CVE-2023-20118) to corral them into
The Hacker News – Read More
Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity
/in General NewsA Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More