BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Hugging Face’s SmolVLM could cut AI costs for businesses by a huge margin
/in General NewsHugging Face launches SmolVLM, a compact and efficient vision-language AI model, offering businesses a cost-effective solution for advanced AI implementation without sacrificing performance.Read More
Security News | VentureBeat – Read More
BIC, Starbucks, Morrisons continue recovery after Blue Yonder ransomware attack
/in General NewsStarbucks spokesperson Abigail Covington told Recorded Future News on Wednesday that the attack on Blue Yonder disrupted a back-end Starbucks process that manages how employees view and manage their schedules, and see the number of hours people worked.
The Record from Recorded Future News – Read More
ESET Flags Prototype UEFI Bootkit Targeting Linux
/in General NewsESET warns of a new reality: “UEFI bootkits are no longer confined to Windows systems alone.”
The post ESET Flags Prototype UEFI Bootkit Targeting Linux appeared first on SecurityWeek.
SecurityWeek – Read More
Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor
/in General NewsWatch out for the Russian hackers from the infamous RomRom group, also known as Storm-0978, Tropical Scorpius, or UNC2596, and their use of a custom backdoor.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
How Learning to Fly Made Me a Better Cybersecurity CEO
/in General NewsThe lessons I’ve learned soaring through the skies have extended far beyond the runway.
darkreading – Read More
Starbucks, Supermarkets Targeted in Ransomware Attack
/in General NewsBlue Yonder, a prominent supply chain software provider, has been targeted in a ransomware attack, leading to disruption at major retail outlets.
Security | TechRepublic – Read More
AmberWolf Launches NachoVPN Tool to Tackle VPN Security Risks
/in General NewsResearchers reveal major vulnerabilities in popular corporate VPN clients, allowing remote attacks. Discover the NachoVPN tool and expert…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Russian Script Kiddie Assembles Massive DDoS Botnet
/in General NewsOver the past year, “Matrix” has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.
darkreading – Read More
Microsoft Finally Releases Recall as Part of Windows Insider Preview
/in General NewsThe original version of Recall lacked basic encryption and other data protection measures. The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.
darkreading – Read More
Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked
/in General NewsThe Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak.
The post Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked appeared first on SecurityWeek.
SecurityWeek – Read More