BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
- [webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)
- [remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
Palindrome Technologies Approved as Cybersecurity Label Administrator for FCC’s IoT Program
/in General NewsPost Content
darkreading – Read More
US to Launch Cyber Trust Mark to Label Secure Smart Devices
/in General NewsThe Cyber Trust Mark is designed to help consumers make more informed decisions about the cybersecurity of devices they may purchase.
Security | TechRepublic – Read More
Ivanti warns hackers are exploiting new vulnerability
/in General NewsThe company released an advisory and a corresponding blog about two bugs — CVE-2025-0282 and CVE-2025-0283 — and warned that some customers have already seen CVE-2025-0282 exploited in their environments.
The Record from Recorded Future News – Read More
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
/in General NewsIvanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line.
The post Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product appeared first on SecurityWeek.
SecurityWeek – Read More
Pall Mall Process to tackle commercial hacking proliferation raises more concerns than solutions
/in General NewsAn initiative spearheaded by France and the U.K. last year to tackle commercial spyware has experienced setbacks and significant gaps, according to participants.
The Record from Recorded Future News – Read More
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
/in General NewsCybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns.
Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious.
While there are safeguards such as DomainKeys
The Hacker News – Read More
Data of more than 8,500 customers breached on Green Bay Packers shopping website
/in General NewsThe Green Bay Packers Pro Shop website was exposed to malicious code that stole data about more than 8,500 shoppers, the NFL team says.
The Record from Recorded Future News – Read More
Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages
/in General NewsThe Russian ISP blamed the Ukrainian hackers for causing a “complete failure” across its internet infrastructure.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Education software firm’s hack exposes personal data for students, teachers nationwide
/in General NewsAn education software company which stores data belonging to more than 60 million K-12 students and teachers on Tuesday said it had been hacked.
The Record from Recorded Future News – Read More
Telegram Shared Data of Thousands of Users After CEO’s Arrest
/in General NewsAfter its CEO was arrested last summer, Telegram has been increasingly sharing user data at the request of authorities.
The post Telegram Shared Data of Thousands of Users After CEO’s Arrest appeared first on SecurityWeek.
SecurityWeek – Read More