BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Aflac Finds Suspicious Activity on US Network That May Impact Social Security Numbers, Other Data
/in General NewsAflac said that it’s in the early stages of a review of the incident, and so far is unable to determine the total number of affected individuals.
The post Aflac Finds Suspicious Activity on US Network That May Impact Social Security Numbers, Other Data appeared first on SecurityWeek.
SecurityWeek – Read More
AWS Enhances Cloud Security With Better Visibility Features
/in General NewsAt this week’s re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.
darkreading – Read More
Hospital cyber attacks cost $600K/hour. Here’s how AI is changing the math
/in General NewsHow Alberta Health Services is using advanced AI to bolster its defenses as attackers increasingly target healthcare facilities.Read More
Security News | VentureBeat – Read More
Anubis Ransomware Lists Disneyland Paris as New Victim
/in General NewsAnubis ransomware group claims a 64GB data breach at Disneyland Paris, leaking some engineering files and attraction plans via its dark web site.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Hackers Post Dozens of Malicious Copycat Repos to GitHub
/in General NewsAs package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.
darkreading – Read More
Anthropic study: Leading AI models show up to 96% blackmail rate against executives
/in General NewsAnthropic research reveals AI models from OpenAI, Google, Meta and others chose blackmail, corporate espionage and lethal actions when facing shutdown or conflicting goals.Read More
Security News | VentureBeat – Read More
Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms
/in General NewsThe threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals.
The new feature takes the form of a “Call Lawyer” feature on the affiliate panel, per Israeli cybersecurity company Cybereason.
The
The Hacker News – Read More
Iran’s government says it shut down internet to protect against cyberattacks
/in General NewsThe government cited the recent hacks on Bank Sepah and cryptocurrency exchange Nobite as reasons to shut down internet access to virtually all Iranians.
Security News | TechCrunch – Read More
16 billion passwords leaked from Apple, Google, more: Here are the facts and how to protect yourself
/in General NewsWondering if your information is posted online from a data breach? Here’s how to check if your accounts are at risk and what to do next.
Latest stories for ZDNET in Security – Read More
New Detection Method Uses Hackers’ Own Jitter Patterns Against Them
/in General NewsA new detection method from Varonis Threat Labs turns hackers’ sneaky random patterns into a way to catch hidden cyberattacks. Learn about Jitter-Trap and how it boosts cybersecurity defenses.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More