BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
How to delete your X/Twitter account for good (and protect your data)
/in General NewsLeaving X isn’t as simple as logging off. Here’s what to do before joining the exodus.
Latest stories for ZDNET in Security – Read More
Managing Threats When Most of the Security Team Is Out of the Office
/in General NewsDuring holidays and slow weeks, teams thin out and attackers move in. Here are strategies to bridge gaps, stay vigilant, and keep systems secure during those lulls.
darkreading – Read More
TP-Link routers may be banned in the US next year – what that means for you
/in General NewsSome of the world’s most popular router and modem models have been connected to several high-profile hacking incidents. (Also, they’re made in China.)
Latest stories for ZDNET in Security – Read More
How Nation-State Cybercriminals Are Targeting the Enterprise
/in General NewsCombating nation-state threat actors at the enterprise level requires more than just cyber readiness and investment — it calls for a collaborative effort.
darkreading – Read More
Top AI Trends Every Software Development Company to Follow in 2025
/in General NewsThe software development industry is expanding tremendously. It drives up the need for technical people and new solutions.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process
/in General NewsNoteworthy stories that might have slipped under the radar: McDonald’s API hacking, Netflix fined nearly $5 million in Netherlands, experimental malware killing ICS process.
The post In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme
/in General NewsThe Play ransomware group claims to have stolen sensitive data from donut and coffee retail chain Krispy Kreme.
The post Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme appeared first on SecurityWeek.
SecurityWeek – Read More
Botnet of 190,000 BadBox-Infected Android Devices Discovered
/in General NewsBitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones.
The post Botnet of 190,000 BadBox-Infected Android Devices Discovered appeared first on SecurityWeek.
SecurityWeek – Read More
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems
/in General NewsRockwell’s PowerMonitor is affected by critical vulnerabilities that can enable remote access to industrial systems for disruption or further attacks.
The post Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems appeared first on SecurityWeek.
SecurityWeek – Read More
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
/in General NewsSophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions.
Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of vulnerabilities is as follows –
The Hacker News – Read More