BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Prepare for 2025 with This CompTIA Training Bundle for $50
/in General NewsLearn at your own pace from your own space with lifetime Access to 310+ hours of learning from IT experts.
Security | TechRepublic – Read More
WhatsApp fixes bug that let users bypass ‘View Once’ privacy feature
/in General NewsWeeks after a researcher reported the bug to WhatsApp, the company says it rolled out a long-term fix.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Large-Scale Incidents & the Art of Vulnerability Prioritization
/in General NewsWe can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.
darkreading – Read More
Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack
/in General NewsMedical devices manufacturer Artivion says a ransomware attack caused disruptions to order and shipping processes.
The post Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Behind Vectra AI’s deliberate approach to building AI agents for cybersecurity
/in General NewsUnlike traditional security tools, Vectra uses AI agents to scrutinize encrypted and decrypted traffic metadata in a dynamic and holistic way.Read More
Security News | VentureBeat – Read More
Ultralytics AI Library with 60M Downloads Compromised for Cryptomining
/in General NewsAnother day, another supply chain attack!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Blue Yonder Probing Data Theft Claims After Ransomware Gang Takes Credit for Attack
/in General NewsThe Blue Yonder ransomware attack that caused disruptions to Starbucks and major grocery stores may have also involved information theft.
The post Blue Yonder Probing Data Theft Claims After Ransomware Gang Takes Credit for Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Deloitte Responds After Ransomware Group Claims Data Theft
/in General NewsDeloitte has issued a response after the Brain Cipher ransomware group claimed to have stolen over 1 Tb of information belonging to the company.
The post Deloitte Responds After Ransomware Group Claims Data Theft appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
/in General NewsDetails have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of a victim’s account by means of a prompt injection attack.
Security researcher Johann Rehberger, who has chronicled many a prompt injection attack targeting various AI tools, found that providing the input “Print
The Hacker News – Read More
Anna Jaques Hospital Data Breach Impacts 316,000 People
/in General NewsAnna Jaques Hospital says the personal information of over 316,000 individuals was compromised in a year-old data breach.
The post Anna Jaques Hospital Data Breach Impacts 316,000 People appeared first on SecurityWeek.
SecurityWeek – Read More