BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
This rugged Android breaks the curse of ugly-yet-durable smartphones (and it’s on sale)
/in General NewsIf you’re looking for a rugged Android that performs better than most low-to-mid-range phones, the Oukitel WP35 offers extreme durability in a stylish package.
Latest news – Read More
Dyson’s new wireless headphones ‘OnTrac’ to challenge AirPods Max
/in General NewsCheaper than Dyson’s previous headphones, the new OnTrac model offers greater battery life, active noise cancellation, and replaceable ear cushions.
Latest news – Read More
I replaced my TV with this long-throw projector and it’s absolutely worth it – especially for $200 off
/in General NewsXgimi’s Horizon Ultra projector is the best home theatre system I’ve tested in a while, and it’s more accessible than ever.
Latest news – Read More
Will the Galaxy S25 get satellite texting? Samsung is working on the feature again
/in General NewsSamsung has been working on satellite connectivity for at least a year. Will it finally catch up to Apple in the space race?
Latest news – Read More
Unidentified Attacker “Revolver Rabbit” Uses RDGA to Register 500,000 Domains
/in General NewsAlthough not new, Registered Domain Generation Algorithms (RDGAs) have become a major cybersecurity threat, exploited by threat actors…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns
/in General NewsChinese government-backed hacking team caught breaking into organizations in shipping, logistics and automotive sectors in Europe and Asia.
The post Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft-Signed Chinese Adware Opens the Door to Kernel Privileges
/in General NewsAn official stamp of approval might give the impression that a purported “HotPage” adtech tool is not, in fact, a dangerous kernel-level malware — but that’s just subterfuge.
darkreading – Read More
This sports watch has a ChatGPT-like running coach. Here’s how it works
/in General NewsThe Amazfit Cheetah smartwatch is built with runners in mind, so much so that it comes with its own AI training bot.
Latest news – Read More
Watch on Demand: Cloud & Data Security Summit
/in General NewsJoin us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and the hype and promise of AI and LLM technologies.
The post Watch on Demand: Cloud & Data Security Summit appeared first on SecurityWeek.
SecurityWeek – Read More
J.D. Vance Left His Venmo Public. Here’s What It Shows
/in General NewsThe Republican VP nominee’s Venmo network reveals connections ranging from the architects of Project 2025 to enemies of Donald Trump—and the populist’s close ties to the very elites he rails against.
Security Latest – Read More