BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
- [webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)
- [remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
Thousands of Live Hacker Backdoors Found in Expired Domains
/in General NewsSUMMARY Cybersecurity researchers at watchTowr have identified over 4,000 live hacker backdoors, exploiting abandoned infrastructure and expired domains.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool
/in General NewsPalo Alto Networks has released patches for multiple vulnerabilities in the Expedition migration tool, which was retired on December 31, 2024.
The post Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool appeared first on SecurityWeek.
SecurityWeek – Read More
From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025
/in General NewsIn the face of ever-growing threats and adversaries, organizations must break down the silos between ALL teams involved in security.
The post From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025 appeared first on SecurityWeek.
SecurityWeek – Read More
Cohere just launched ‘North’, its biggest AI bet yet for privacy-focused enterprises
/in General NewsCohere launches North, a secure enterprise AI platform outperforming Microsoft Copilot and Google Vertex AI in testing, with Royal Bank of Canada among early adopters implementing the technology for regulated industries.Read More
Security News | VentureBeat – Read More
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
/in General NewsGoogle Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
The post Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies appeared first on SecurityWeek.
SecurityWeek – Read More
The School Shootings Were Fake. The Terror Was Real
/in General NewsThe inside story of the teenager whose “swatting” calls sent armed police racing into hundreds of schools nationwide—and the private detective who tracked him down.
Security Latest – Read More
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws
/in General NewsThe European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc’s own data privacy regulations.
The development marks the first time the Commission has been held liable for infringing stringent data protection laws in the region.
The court determined that
The Hacker News – Read More
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
/in General NewsIvanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024.
The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2
The Hacker News – Read More
India Readies Overhauled National Data Privacy Rules
/in General NewsThe country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data — and recognizes a right to personal privacy.
darkreading – Read More
The U.S. has a new cybersecurity safety label for smart devices
/in General NewsThe White House this week announced a new label for internet-connected devices, the U.S. Cyber Trust Mark, intended to help consumers make more-informed decisions about the cybersecurity of products they bring into their homes. To earn the U.S. Cyber Trust Mark, which is being administered by the Federal Communications Commission, companies have to test their […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More