BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
Keeping LLMs on the Rails Poses Design, Engineering Challenges
/in General NewsDespite adding alignment training, guardrails, and filters, large language models continue to jump their imposed rails and give up secrets, make unfiltered statements, and provide dangerous information.
darkreading – Read More
Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
/in General NewsMarlboro-Chesterfield Pathology has been targeted by the SafePay ransomware group, which stole personal information from its systems.
The post Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
19-Year-Old Admits to PowerSchool Data Breach Extortion
/in General NewsA 19-year-old college student faces charges after pleading guilty to cyber extortion targeting PowerSchool, exposing data of 60…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Identity Security Has an Automation Problem—And It’s Bigger Than You Think
/in General NewsFor many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core identity workflows.
Core workflows, like
The Hacker News – Read More
Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
/in General NewsDespite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
The post Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
/in General NewsCisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center.
The post Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Signal’s new Windows update prevents the system from capturing screenshots of chats
/in General NewsSignal said today that it is updating its Windows app to prevent the system from capturing screenshots, thereby protecting the content that is on display. The company said that this new “screen security” setting is enabled by default on Windows 11. Signal said that this new feature is designed to protect users’ privacy from Microsoft’s […]
Security News | TechCrunch – Read More
INE Security Partners with Abadnet Institute for Cybersecurity Training Programs in Saudi Arabia
/in General NewsCary, North Carolina, 22nd May 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
GitLab, Atlassian Patch High-Severity Vulnerabilities
/in General NewsGitLab and Atlassian have released patches for over a dozen vulnerabilities in their products, including high-severity bugs.
The post GitLab, Atlassian Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains
/in General NewsMicrosoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More