BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
China-linked LapDogs Campaign Drops ShortLeash Backdoor with Fake Certs
/in General NewsShortLeash backdoor, used in the China-linked LapDogs campaign since 2023, enables stealth access, persistence, and data theft via compromised SOHO routers and fake certs.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
‘Echo Chamber’ Attack Blows Past AI Guardrails
/in General NewsAn AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate content.
darkreading – Read More
Researchers say cybercriminals are using jailbroken AI tools from Mistral and xAI
/in General News“Uncensored” versions of two mainstream AI tools are the latest examples of how cybercriminals are repurposing the technology for illicit means.
The Record from Recorded Future News – Read More
Salesforce launches Agentforce 3 with AI agent observability and MCP support
/in General NewsSalesforce launches Agentforce 3 with AI agent observability and native MCP support, giving enterprises real-time visibility and secure interoperability at scale.Read More
Security News | VentureBeat – Read More
Canada says telcos were breached in China-linked espionage hacks
/in General NewsSalt Typhoon previously hacked phone and telco giants across the United States.
Security News | TechCrunch – Read More
1inch rolls out expanded bug bounties with rewards up to $500K
/in General NewsDUBAI, United Arab Emirates, 23rd June 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
DHS Warns of Rise in Cyberattacks in Light of US-Iran Conflict
/in General NewsAfter President’s Trump decision to enter the US into the conflict in the Middle East, the Department of Homeland Security expects there to be an uptick in Iranian hacktivists and state-sponsored actors targeting US systems.
darkreading – Read More
North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting
/in General NewsNorth Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands.
The post North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting appeared first on SecurityWeek.
SecurityWeek – Read More
Telegram Purged Chinese Crypto Scam Markets—Then Watched as They Rebuilt
/in General NewsLast month, Telegram banned black markets that sold tens of billions of dollars in crypto scam-related services. Now, as those markets rebrand and bounce back, it’s done nothing to stop them.
Security Latest – Read More
Why we’re focusing VB Transform on the agentic revolution – and what’s at stake for enterprise AI leaders
/in General NewsVB Transform 2025 tackles the agentic AI revolution—how enterprises can close the infrastructure gap and turn dazzling demos into deployed, trusted agents.Read More
Security News | VentureBeat – Read More