BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Telecom Giant Viasat Is Latest Salt Typhoon Victim
/in General NewsThe communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly disclose other than that there seems to be no impact to customers.
darkreading – Read More
How Cyberwarfare Changes the Face of Geopolitical Conflict
/in General NewsAs geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showing the new face of cyber-augmented war.
darkreading – Read More
I found the easiest way to delete myself from the internet (and you shouldn’t wait to use it, too)
/in General NewsIf you’re looking for a data removal service that can remove you from data broker sales lists and people search websites, Incogni should be on your radar. Here’s why.
Latest stories for ZDNET in Security – Read More
Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack
/in General NewsA Krispy Kreme spokesperson said the “vast majority of those affected are Krispy Kreme employees, members of their families, and former employees.”
The Record from Recorded Future News – Read More
In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer
/in General NewsNoteworthy stories that might have slipped under the radar: China’s Salt Typhoon targeted Viasat, Washington Post emails compromised in hack, Rowhammer attack named Crowhammer.
The post In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer appeared first on SecurityWeek.
SecurityWeek – Read More
How to Lock Down the No-Code Supply Chain Attack Surface
/in General NewsSecuring the no-code supply chain isn’t just about mitigating risks — it’s about enabling the business to innovate with confidence.
darkreading – Read More
Aflac says it stopped ransomware attack launched by ‘sophisticated cybercrime group’
/in General NewsInsurance industry giant Aflac said it disrupted a cyberattack within hours of discovering it and is now working to determine how much data was potentially breached in the incident.
The Record from Recorded Future News – Read More
Godfather Android Trojan Creates Sandbox on Infected Devices
/in General NewsThe Godfather Android trojan uses on-device virtualization to hijack legitimate applications and steal users’ funds.
The post Godfather Android Trojan Creates Sandbox on Infected Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Motors Theme Vulnerability Exploited to Hack WordPress Websites
/in General NewsThreat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords.
The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek.
SecurityWeek – Read More
New Mocha Manakin Malware Deploys NodeInitRAT via Clickfix Attack
/in General NewsRed Canary uncovers ‘Mocha Manakin,’ a new threat using paste and runs to deliver custom NodeInitRAT malware, potentially leading to ransomware. Learn to protect your systems.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More