BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft
/in General NewsA subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.
The post Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft appeared first on SecurityWeek.
SecurityWeek – Read More
Patch Tuesday: Microsoft Fixes 63 Bugs with 2 Zero-Days
/in General NewsMicrosoft’s February Patch Tuesday addresses 63 security vulnerabilities, including two actively exploited zero-days. Update your systems now to…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
SGNL snags $30M for a new take on ID security based on zero-standing privileges
/in General NewsSecurity experts often describe identity as the “new perimeter” in the world of security: in the world of cloud services where network assets and apps can range far and wide, the biggest vulnerabilities are often leaked and spoofed log-in credentials. A startup called SGNL has built a new approach that it believes is better at […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
/in General NewsCybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host.
The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions –
NVIDIA Container Toolkit (All
The Hacker News – Read More
Is AI a Friend or Foe of Healthcare Security?
/in General NewsWhen it comes to keeping patient information safe, people empowerment is just as necessary as deploying new technologies.
darkreading – Read More
Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
/in General NewsIvanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products.
The post Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Confirms ‘Extremely Sophisticated’ Exploit Threatening iOS Security
/in General NewsApple fixes the USB Restricted Mode flaw in iOS 18.3.1 and iPadOS 18.3.1. Vulnerability exploited in targeted attacks.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Drata to Acquire SafeBase in $250 Million Deal
/in General NewsSecurity and compliance automation firm Drata has acquired trust center platform SafeBase in a quarter billion dollar deal.
The post Drata to Acquire SafeBase in $250 Million Deal appeared first on SecurityWeek.
SecurityWeek – Read More
What Is GRC? Understanding Governance, Risk, and Compliance
/in General NewsFind out what GRC stands for, its history, and where it can be used today.
Security | TechRepublic – Read More
GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System
/in General NewsA new GAO report assesses that the Coast Guard needs to improve Maritime Transportation System (MTS) cybersecurity.
The post GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System appeared first on SecurityWeek.
SecurityWeek – Read More