BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
Nearly 70,000 impacted by Coinbase breach involving $20 million ransom demand
/in General NewsIn documents filed with regulators in Maine on Tuesday, Coinbase said the information leaked included details like photos of passports and government IDs, as well as account information such as balances and transaction history.
The Record from Recorded Future News – Read More
College student to plead guilty to PowerSchool hack
/in General NewsThe 19-year-old Assumption College student, Matthew Lane, also was charged Tuesday with hacking and demanding a ransom payment from an unnamed telecommunications company, according to Massachusetts federal prosecutors.
The Record from Recorded Future News – Read More
Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway
/in General NewsMore than 100 AutomationDirect MB-Gateway devices may be vulnerable to attacks from the internet due to CVE-2025-36535.
The post Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway appeared first on SecurityWeek.
SecurityWeek – Read More
Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
/in General NewsUS, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs.
Security Latest – Read More
The Hidden Cybersecurity Risks of M&A
/in General NewsMerger and acquisition due diligence typically focuses on financials, legal risks, and operational efficiencies. Cybersecurity is often an afterthought — and that’s a problem.
darkreading – Read More
The Day I Found an APT Group In the Most Unlikely Place
/in General NewsDark Reading Confidential Episode 6: Cyber researchers Ismael Valenzuela and Vitor Ventura share riveting stories about the creative tricks they used to track down advanced persistent threat groups, and the surprises they discovered along the way.
darkreading – Read More
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users
/in General NewsA mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December.
The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek.
SecurityWeek – Read More
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
/in General NewsKrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Coinbase says its data breach affects at least 69,000 customers
/in General NewsThe crypto giant said the unauthorized access to customer data dates back to late December 2024.
Security News | TechCrunch – Read More
M&S says cyberattack will hit profits by £300 million, disruption to last until July
/in General NewsBritish retailer M&S reported that a recent cyberattack will have a £300 million impact on its operating profit “before cost mitigation, insurance and trading actions.”
The Record from Recorded Future News – Read More