BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
- [local] Microsoft Excel Use After Free - Local Code Execution
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise
/in General NewsThe lawsuit said that the combination of businesses would eliminate competition, raise prices and reduce innovation.
The post Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise appeared first on SecurityWeek.
SecurityWeek – Read More
VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
/in General NewsVMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products.
The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek.
SecurityWeek – Read More
DeepSeek Locked Down Public Database Access That Exposed Chat History
/in General NewsResearch Firm Wiz Research began investigating DeepSeek soon after its generative AI took the tech world by storm.
Security | TechRepublic – Read More
US Justice Department says cybercrime forum allegedly affected 17 million Americans
/in General NewsU.S. prosecutors accused an Argentinian national living in Spain of being an “active administrator” of Nulled, one of the two hacking forums seized and shut down by authorities.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Conifers.ai Scores $25M Investment for Agentic AI SOC Technology
/in General NewsBacked by SYN Ventures, Conifers.ai plans to use “agentic AI” technology to tackle complex security operations center (SOC) problems.
The post Conifers.ai Scores $25M Investment for Agentic AI SOC Technology appeared first on SecurityWeek.
SecurityWeek – Read More
Mistral Small 3 brings open source AI to the masses—smaller, faster, and cheaper
/in General NewsFrench AI startup Mistral unveils a breakthrough 24B parameter language model that matches the performance of models three times its size, challenging tech giants with faster speeds and lower computing costs while targeting enterprise deployments.Read More
Security News | VentureBeat – Read More
Taming Shadow AI: Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats
/in General NewsValence Security and Endor Labs have introduced extensions to their existing platforms specifically to tackle the invisibility and wrongful use of Shadow AI.
The post Taming Shadow AI: Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats appeared first on SecurityWeek.
SecurityWeek – Read More
Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform
/in General NewsBackline has emerged from stealth mode with an autonomous security remediation platform and $9 million in seed funding.
The post Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Cyber Insights 2025: Cyberinsurance – The Debate Continues
/in General NewsBetter risk management could lead to reduced premiums on top of value for money, making cyberinsurance a silent driver for improved cybersecurity.
The post Cyber Insights 2025: Cyberinsurance – The Debate Continues appeared first on SecurityWeek.
SecurityWeek – Read More
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
/in General NewsOver 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations.
“Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities,” Google Threat
The Hacker News – Read More