BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents
/in General NewsNewly unsealed documents brought by a WhatsApp lawsuit shows NSO Group’s spyware, Pegasus, was used to hack as many as “tens of thousands” of devices.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
/in General NewsCybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands.
Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been detected in the wild since at least September 1, 2023, based on artifacts uploaded to the
The Hacker News – Read More
8.8 Rated PostgreSQL Vulnerability Puts Databases at Risk
/in General NewsCybersecurity researchers at Varonis have identified a serious security vulnerability in PostgreSQL that could lead to data breaches…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Power Pages Misconfigurations Expose Millions of Records Globally
/in General NewsSaaS Security firm AppOmni has identified misconfigurations in Microsoft Power Pages that can lead to severe data breaches.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Surfshark VPN review: One of our favorite budget VPNs with unlimited connections
/in General NewsAs VPNs go, Surfshark is well-rounded option with competitive pricing, but there are a few caveats.
Latest stories for ZDNET in Security – Read More
Lessons From OSC&R on Protecting the Software Supply Chain
/in General NewsA new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.
darkreading – Read More
Combating the Rise of Federally Aimed Malicious Intent
/in General NewsIn the future, the cybersecurity landscape likely will depend not only on the ability of federal workforces to protect their agencies but also on their capacity to continuously develop and sharpen those skills.
darkreading – Read More
Indian police arrest suspect in $230 million WazirX crypto exchange hack
/in General NewsDelhi police arrested a man suspected of helping to initiate an intrusion into WazirX, one of the country’s largest cryptocurrency exchanges.
The Record from Recorded Future News – Read More
SurePath AI Raises $5.2 Million for Gen-AI Governance Solution
/in General NewsSurePath AI has raised $5.2 million in seed funding for a solution that helps enterprises securely use generative AI.
The post SurePath AI Raises $5.2 Million for Gen-AI Governance Solution appeared first on SecurityWeek.
SecurityWeek – Read More
Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption
/in General NewsThe Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks.
The post Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption appeared first on SecurityWeek.
SecurityWeek – Read More