BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
OmniGPT AI Chatbot Alleged Breach: Hacker Leaks User Data, 34M Messages
/in General NewsHacker claims to have breached OmniGPT, leaking over 30,000 user email address, phone numbers, and 34 million lines of chat messages. Data includes API keys, credentials, and file links.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Apple Releases Urgent Patch for USB Vulnerability
/in General NewsThe vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to user data.
darkreading – Read More
Cerebras-Perplexity deal targets $100B search market with ultra-fast AI
/in General NewsCerebras and Perplexity AI partner to launch ultra-fast Sonar search model running at 1,200 tokens per second, challenging traditional search engines with specialized AI chips and near-instant results.Read More
Security News | VentureBeat – Read More
CISA Places Election Security Staffers on Leave
/in General NewsThe staffers were tasked with building relationships on the ground across the country in local election jurisdictions, teaching election officials tactics on mitigating cyber threats, cyber hygiene, combating misinformation and foreign influence, and more.
darkreading – Read More
Russian bulletproof hosting service Zservers sanctioned by US for LockBit coordination
/in General NewsThe U.S., the U.K. and Australia sanctioned Russia-based Zservers, connecting the Russian company’s internet hosting services to the LockBit ransomware operation.
The Record from Recorded Future News – Read More
Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day
/in General NewsThe Microsoft Patch Tuesday machine hummed loudly this month urgent fixes for a pair of already-exploited Windows zero-days.
The post Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day appeared first on SecurityWeek.
SecurityWeek – Read More
Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks
/in General NewsPatch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warn of remote code execution exploitation risks.
The post Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks appeared first on SecurityWeek.
SecurityWeek – Read More
Russian Cybercrime Network Targeted for Sanctions Across US, UK and Australia
/in General NewsRussia-based bulletproof hosting services provider Zservers was sanctioned for providing services to support LockBit ransomware operations.
The post Russian Cybercrime Network Targeted for Sanctions Across US, UK and Australia appeared first on SecurityWeek.
SecurityWeek – Read More
High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks
/in General NewsOpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks.
The post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Another person targeted by Paragon spyware comes forward
/in General NewsFour people have so far come forward as victims of the Paragon spyware campaign targeting WhatsApp users, including one journalist and three activists.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More