BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
- Pulsegram - Integrated Keylogger With Telegram
Exploit DB
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
- [local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
- [local] unzip-stream 0.3.1 - Arbitrary File Write
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
South Korea Fines Meta $15 Million for Illegally Collecting Information on Facebook Users
/in General NewsSouth Korea’s privacy watchdog has fined Meta 21.6 billion won ($15 million) for illegally collecting sensitive personal information from Facebook users.
The post South Korea Fines Meta $15 Million for Illegally Collecting Information on Facebook Users appeared first on SecurityWeek.
SecurityWeek – Read More
PLCHound Aims to Improve Detection of Internet-Exposed ICS
/in General NewsGeorgia Tech researchers have developed PLCHound, an algorithm that uses AI to improve the identification of internet-exposed ICS.
The post PLCHound Aims to Improve Detection of Internet-Exposed ICS appeared first on SecurityWeek.
SecurityWeek – Read More
South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers
/in General NewsMeta has been fined 21.62 billion won ($15.67 million) by South Korea’s data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent.
The country’s Personal Information Protection Commission (PIPC) said Meta gathered information such as
The Hacker News – Read More
Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users
/in General NewsGoogle’s cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security.
“We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025,” Mayank Upadhyay, vice president of engineering and distinguished engineer at
The Hacker News – Read More
Interpol operation nets 41 arrests, takedown of 22,000 malicious IPs
/in General NewsThe global operation was intended to root out malicious IP addresses used for phishing, ransomware and infostealer malware.
The Record from Recorded Future News – Read More
Attacker Hides Malicious Activity in Emulated Linux Environment
/in General NewsThe CRON#TRAP campaign involves a novel technique for executing malicious commands on a compromised system.
darkreading – Read More
Canadian Authorities Arrest Attacker Who Stole Snowflake Data
/in General NewsThe suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.
darkreading – Read More
Android Botnet ‘ToxicPanda’ Bashes Banks Across Europe, Latin America
/in General NewsChinese-speaking adversaries are using a fresh Android banking Trojan to take over devices and initiate fraudulent money transfers from financial institutions across Latin America, Italy, Portugal, and Spain.
darkreading – Read More
Russia Is Going All Out on Election Day Interference
/in General NewsAlong with other foreign influence operations—including from Iran—Kremlin-backed campaigns to stoke division and fear have gone into overdrive.
Security Latest – Read More
Schneider Electric Clawed by ‘Hellcat’ Ransomware Gang
/in General NewsThe cybercriminal group holding the stolen information is demanding the vendor admit to the breach and pay up.
darkreading – Read More