BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit
- PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More
- Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10
- Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
Exploit DB
- [local] Microsoft Windows 11 - Kernel Privilege Escalation
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [webapps] WordPress Core 6.2 - Directory Traversal
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
Hackers Claim Magento Breach via Third-Party, Leak CRM Data of 700K Users
/in General NewsAnother day, another data breach claim involving a high-profile company!
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
US banking regulator reports on ‘major’ cyber incident involving senior officials’ emails
/in General NewsThe U.S. Office of the Comptroller of the Currency told Congress that a breach of its email systems reported in February involved “highly sensitive information” in the accounts of high-ranking officials.
The Record from Recorded Future News – Read More
Using Post-Quantum Planning to Improve Security Hygiene
/in General NewsWith careful planning, the transition to post-quantum cryptography can significantly improve security and risk management for the present and future.
darkreading – Read More
5 simple ways to start taking control of your online privacy today
/in General NewsA new survey from Malwarebytes reveals that most people are worried about their personal data being misused by corporations. But it doesn’t have to be a losing battle. Here’s how to better protect yourself.
Latest stories for ZDNET in Security – Read More
Qevlar AI Raises $10 Million for Autonomous Investigation Platform
/in General NewsFrench cybersecurity startup Qevlar AI has raised $10 million in a funding round led by EQT Ventures and Forgepoint Capital International.
The post Qevlar AI Raises $10 Million for Autonomous Investigation Platform appeared first on SecurityWeek.
SecurityWeek – Read More
How Google’s new Unified Security platform aims to simplify the fight against cyberthreats
/in General NewsDesigned for enterprise security professionals, Google Unified Security brings different tools together in one platform to reduce complexity and confusion.
Latest stories for ZDNET in Security – Read More
Google Cloud intros AI security agents, unified security platform to consolidate ops, triage, threat intel
/in General NewsGoogle Cloud releases new Google Unified Security platform to simplify cybersecurity, along with new semi-autonomous AI security agents.Read More
Security News | VentureBeat – Read More
Google’s new Ironwood chip is 24x more powerful than the world’s fastest supercomputer
/in General NewsGoogle unveils Ironwood, its seventh-generation TPU chip delivering 42.5 exaflops of AI compute power — 24x more than the world’s fastest supercomputer — ushering in the “age of inference.”Read More
Security News | VentureBeat – Read More
Fortinet Patches Critical FortiSwitch Vulnerability
/in General NewsFortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords.
The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Gcore Super Transit Brings Advanced DDoS Protection and Acceleration for Superior Enterprise Security and Speed
/in General NewsLuxembourg, Luxembourg, 9th April 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More