BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function
- [webapps] Simple File List WordPress Plugin 4.2.2 - File Upload to RCE
- [webapps] Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE
- [webapps] Joomla JS Jobs plugin 1.4.2 - SQL injection
- [remote] Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)
- [remote] Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname
- [webapps] Discourse 3.1.1 - Unauthenticated Chat Message Access
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field
Xerox Printer Vulnerabilities Enable Credential Capture
/in General NewsAttackers are using patched bugs to potentially gain unfettered access to an organization’s Windows environment under certain conditions.
darkreading – Read More
$10 Infostealers Are Breaching Critical US Security: Military and Even the FBI Hit
/in General NewsA new report reveals how cheap Infostealer malware is exposing US military and defense data, putting national security at risk. Hackers exploit human error to gain access.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
SANS Institute Launches AI Cybersecurity Hackathon
/in General NewsPost Content
darkreading – Read More
China-Linked Threat Group Targets Japanese Orgs’ Servers
/in General NewsWinnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.
darkreading – Read More
Thrive Acquires Secured Network Services
/in General NewsPost Content
darkreading – Read More
Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says
/in General NewsIn a report released on Monday, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices.
The Record from Recorded Future News – Read More
Microsoft: New Variant of macOS Threat XCSSET Spotted in the Wild
/in General NewsMicrosoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.
darkreading – Read More
Elon Musk just released an AI that’s smarter than ChatGPT — here’s why that matters
/in General NewsElon Musk’s xAI launches Grok 3, outperforming ChatGPT and Google Gemini in benchmarks with 200,000 GPUs and advanced reasoning capabilities, intensifying AI competition days after failed OpenAI bid.Read More
Security News | VentureBeat – Read More
Pangea Launches AI Guard and Prompt Guard to Combat Gen-AI Security Risks
/in General NewsGuardrail specialist releases new products to aid the development and use of secure gen-AI apps.
The post Pangea Launches AI Guard and Prompt Guard to Combat Gen-AI Security Risks appeared first on SecurityWeek.
SecurityWeek – Read More
VC giant Insight Partners confirms January cyberattack
/in General NewsThe VC firm has $90 billion in assets under management and invested in several unicorn cybersecurity startups
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More