BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- VulnKnox - A Go-based Wrapper For The KNOXSS API To Automate XSS Vulnerability Testing
- Camtruder - Advanced RTSP Camera Discovery and Vulnerability Assessment Tool
- Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit
- PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More
- Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10
- Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
Exploit DB
- [local] Microsoft Windows 11 - Kernel Privilege Escalation
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [webapps] WordPress Core 6.2 - Directory Traversal
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
RSAC Unveils Keynote Speaker Slate for RSAC (TM) 2025 Conference
/in General NewsPost Content
darkreading – Read More
Port of Seattle says 90,000 people impacted in 2024 ransomware attack
/in General NewsThe organization that runs Seattle-Tacoma International Airport and several container terminals said it is sending breach notification letters to those affected by a ransomware attack, including about 71,000 people in Washington state.
The Record from Recorded Future News – Read More
Minnesota Tribe Struggles After Ransomware Attack
/in General NewsHotel and casino operations for the Lower Sioux Indians have been canceled or postponed, and the local health center is redirecting those needing medical or dental care.
darkreading – Read More
Top Crypto Wallets of 2025: Balancing Security and Convenience
/in General NewsCrypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Call Records of Millions Exposed by Verizon App Vulnerability
/in General NewsA patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application.
The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns
/in General NewsHackers now use AI and botnets to launch powerful DDoS attacks, bypassing security and overwhelming servers as law enforcement struggles to keep up.
Security | TechRepublic – Read More
CISA Layoffs Are a Momentary Disruption, Not a Threat
/in General NewsLayoffs may cause short-term disruptions, but they don’t represent a catastrophic loss of cybersecurity capability — because the true cyber operations never resided solely within CISA to begin with.
darkreading – Read More
Medusa Rides Momentum From Ransomware-as-a-Service Pivot
/in General NewsShifting to a RaaS business model has accelerated the group’s growth, and targeting critical industries like healthcare, legal, and manufacturing hasn’t hurt either.
darkreading – Read More
In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired
/in General NewsNoteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber Command.
The post In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired appeared first on SecurityWeek.
SecurityWeek – Read More
Cybercriminals are trying to loot Australian pension accounts in new campaign
/in General NewsHackers over the weekend targeted Australian superannuation funds — investment accounts into which portions of employees’ wages are compulsorily placed.
The Record from Recorded Future News – Read More