BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Iran’s Internet Blackout Adds New Dangers for Civilians Amid Israeli Bombings
/in General NewsIran is limiting internet connectivity for citizens amid Israeli airstrikes—pushing people towards domestic apps, which may not be secure, and limiting their ability to access vital information.
Security Latest – Read More
Halo Security Honored with 2025 MSP Today Product of the Year Award
/in General NewsMiami, Florida, 18th June 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
NordPass lets you store passports and other IDs now – but is this safe?
/in General NewsYou can store any physical document that can be scanned or saved electronically with NordPass now. Here’s how it works.
Latest stories for ZDNET in Security – Read More
Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection
/in General NewsMisconfigured permissions in Google’s Gerrit code collaboration platform could have led to the compromise of ChromiumOS and other Google projects.
The post Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection appeared first on SecurityWeek.
SecurityWeek – Read More
1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub
/in General NewsA new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network.
“The campaigns resulted in a multi-stage attack chain targeting Minecraft users specifically,” Check Point researchers Jaromír Hořejší and Antonis Terefos said in a report shared with The Hacker News.
“The malware was
The Hacker News – Read More
Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System
/in General NewsAfter an attack on Iran’s Sepah bank, the hyper-aggressive Israel-linked hacker group has now destroyed more than $90 million held at Iranian crypto exchange Nobitex.
Security Latest – Read More
Hackers steal and destroy millions from Iran’s largest crypto exchange
/in General NewsIt’s the latest cyberattack on Iran claimed by a pro-Israeli hacking group since the latest flare up in tensions between the two countries.
Security News | TechCrunch – Read More
How CISOs Can Govern AI & Meet Evolving Regulations
/in General NewsSecurity teams are no longer just the last line of defense — they are the foundation for responsible AI adoption.
darkreading – Read More
Eufy’s new smart display gives Amazon and Google a run for their money – how it works
/in General NewsThe Smart Display E10 tablet offers facial recognition, quad-view live stream, event summaries, and a built-in battery for portability.
Latest stories for ZDNET in Security – Read More
Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks
/in General NewsAn unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.
darkreading – Read More