BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Enhancing Traveler Data Security: Best Practices for Managing Sensitive Info
/in General NewsProtect traveler data with these tips: use VPNs, manage app permissions, and secure travel documents. Travel companies should…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hackers Redirect $250,000 Payment in iLearningEngines Cyberattack
/in General NewsAI-powered learning automation firm iLearningEngines has been targeted in a cyberattack that resulted in the theft of $250,000.
The post Hackers Redirect $250,000 Payment in iLearningEngines Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Akira Ransomware Drops 30 Victims on Leak Site in One Day
/in General NewsCyberint has observed the Akira ransomware group leaking in a single day the information allegedly stolen from 32 victims.
The post Akira Ransomware Drops 30 Victims on Leak Site in One Day appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity Aphorisms: A Humorous and Insightful Look at Industry’s Truths
/in General NewsThe aphorism is a valuable cultural phenomenon for spreading the wisdom of experience — and cybersecurity, with its complexities, nuances, contradictions, and perpetual stress, is a fertile field.
The post Cybersecurity Aphorisms: A Humorous and Insightful Look at Industry’s Truths appeared first on SecurityWeek.
SecurityWeek – Read More
Ford Investigating Potential Breach After Hackers Claim Data Theft
/in General NewsFord has launched an investigation after hackers claimed to have stolen 44,000 customer data records.
The post Ford Investigating Potential Breach After Hackers Claim Data Theft appeared first on SecurityWeek.
SecurityWeek – Read More
Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek
/in General NewsPalo Alto Networks has released patches and CVEs for the firewall zero-days exploited in what the company calls Operation Lunar Peek.
The post Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek appeared first on SecurityWeek.
SecurityWeek – Read More
ICE Can Already Sidestep Sanctuary City Laws Through Data-Sharing Fusion Centers
/in General NewsBuilt to combat terrorism, fusion centers give US Immigration and Customs Enforcement a way to gain access to data that’s meant to be protected under city laws limiting local police cooperation with ICE.
Security Latest – Read More
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
/in General NewsU.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information.
The adversaries, tracked as Salt Typhoon, breached the company as part of a “monthslong campaign” designed to harvest cellphone communications of “high-value intelligence targets.” It’s not clear what information was taken, if any,
The Hacker News – Read More
CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws
/in General NewsNow-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was
The Hacker News – Read More
AnyChat brings together ChatGPT, Google Gemini, and more for ultimate AI flexibility
/in General NewsAnyChat unifies ChatGPT, Google Gemini, Claude, and more under one platform, offering developers and enterprises unprecedented flexibility to switch between leading AI models seamlessly.Read More
Security News | VentureBeat – Read More