BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
- [local] Microsoft Excel Use After Free - Local Code Execution
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
Chinese Cyberspies Target South Korean VPN in Supply Chain Attack
/in General NewsAdvanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.
darkreading – Read More
BreachForums admin to be resentenced after appeals court slams supervised release
/in General NewsA three-judge panel vacated a controversial district court decision that set free Conor Fitzpatrick, the administrator of the massive illicit marketplace, after just 17 days in prison.
The Record from Recorded Future News – Read More
Google releases free Gemini 2.0 Flash Thinking model, pressuring OpenAI’s premium strategy
/in General NewsGoogle challenges OpenAI with free Gemini 2.0 Flash Thinking model, offering million-token processing, native code execution, and breakthrough performance in math and science benchmarks.Read More
Security News | VentureBeat – Read More
Trump Pardons ‘Silk Road’ Dark Web Drug Market Creator
/in General NewsThe pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.
darkreading – Read More
Zendesk’s Subdomain Registration Exposed to Phishing, Pig Butchering Scams
/in General NewsCloudSEK uncovers a Zendesk vulnerability allowing cybercriminals to exploit subdomains for phishing and investment scams. Learn about the…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Trump pardons Silk Road founder Ross Ulbricht
/in General NewsThe new president kept a promise to libertarian supporters that he would pardon Ross Ulbricht, the founder of the Silk Road dark web marketplace, who was convicted a decade ago of charges related to drug distribution, illegal hacking, identity theft and money laundering.
The Record from Recorded Future News – Read More
Cloudflare Mitigates Massive 5.6 Tbps Mirai-Variant DDoS Attack
/in General NewsCloudflare mitigates a record-breaking 5.6 Tbps DDoS attack, highlighting the growing threat of hyper-volumetric assaults. Learn about the…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots
/in General NewsThe Trump administration has disbanded the Cyber Safety Review Board (CSRB), ending one of the few bright spots at CISA.
The post DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots appeared first on SecurityWeek.
SecurityWeek – Read More
3 extensions to use for anonymous browsing – and what that even means
/in General NewsIf you value your privacy, it’s time to start using your web browser wisely. If you don’t want to switch browsers, try one of these browser extensions to simplify browsing anonymously.
Latest stories for ZDNET in Security – Read More
Application Security Firm DryRun Raises $8.7 Million in Seed Funding
/in General NewsDryRun Security has raised $8.7 million in a seed funding round for its AI-powered application security solutions.
The post Application Security Firm DryRun Raises $8.7 Million in Seed Funding appeared first on SecurityWeek.
SecurityWeek – Read More