BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
INE Security Partners with Abadnet Institute for Cybersecurity Training Programs in Saudi Arabia
/in General NewsCary, North Carolina, 22nd May 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
GitLab, Atlassian Patch High-Severity Vulnerabilities
/in General NewsGitLab and Atlassian have released patches for over a dozen vulnerabilities in their products, including high-severity bugs.
The post GitLab, Atlassian Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains
/in General NewsMicrosoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks
/in General NewsWiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.
darkreading – Read More
Lumma Stealer Takedown Reveals Sprawling Operation
/in General NewsThe FBI and partners have disrupted “the world’s most popular malware,” a sleek enterprise with thousands of moving parts, responsible for millions of cyberattacks in every part of the world.
darkreading – Read More
I thought my favorite browser blocked trackers but this free privacy tool proved me wrong
/in General NewsCover Your Tracks opened my eyes… and made me switch browsers ASAP.
Latest stories for ZDNET in Security – Read More
Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
/in General NewsThreat actor ‘ByteBreaker’ claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Unimicron, Presto Attacks Mark Industrial Ransomware Surge
/in General NewsA number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and more — a harbinger of a rapidly developing and diversifying threat landscape.
darkreading – Read More
Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation
/in General NewsRedmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool included global manufacturers.
The post Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation appeared first on SecurityWeek.
SecurityWeek – Read More
Wyden: AT&T, T-Mobile, and Verizon weren’t notifying senators of surveillance requests
/in General NewsSen. Ron Wyden said in a letter that one U.S. phone carrier turned over Senate data to law enforcement without notifying the target.
Security News | TechCrunch – Read More