BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
/in General NewsUS, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs.
Security Latest – Read More
The Hidden Cybersecurity Risks of M&A
/in General NewsMerger and acquisition due diligence typically focuses on financials, legal risks, and operational efficiencies. Cybersecurity is often an afterthought — and that’s a problem.
darkreading – Read More
The Day I Found an APT Group In the Most Unlikely Place
/in General NewsDark Reading Confidential Episode 6: Cyber researchers Ismael Valenzuela and Vitor Ventura share riveting stories about the creative tricks they used to track down advanced persistent threat groups, and the surprises they discovered along the way.
darkreading – Read More
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users
/in General NewsA mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December.
The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek.
SecurityWeek – Read More
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
/in General NewsKrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Coinbase says its data breach affects at least 69,000 customers
/in General NewsThe crypto giant said the unauthorized access to customer data dates back to late December 2024.
Security News | TechCrunch – Read More
M&S says cyberattack will hit profits by £300 million, disruption to last until July
/in General NewsBritish retailer M&S reported that a recent cyberattack will have a £300 million impact on its operating profit “before cost mitigation, insurance and trading actions.”
The Record from Recorded Future News – Read More
US Student to Plead Guilty Over PowerSchool Hack
/in General NewsMatthew Lane allegedly hacked PowerSchool using stolen credentials and admitted to extorting a telecoms provider.
The post US Student to Plead Guilty Over PowerSchool Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Cellcom Service Disruption Caused by Cyberattack
/in General NewsWireless carrier Cellcom has confirmed that a week-long widespread service outage is the result of a cyberattack.
The post Cellcom Service Disruption Caused by Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
3 Teens Almost Got Away With Murder. Then Police Found Their Google Searches
/in General NewsAn arson attack in Colorado had detectives stumped. The way they solved the case could put everyone at risk.
Security Latest – Read More