BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Fidelity Notifies 77K Customers of Data Breach
/in General NewsThe third-party actor had access for two days, in the financial services company’s second major breach of the year.
darkreading – Read More
Fidelity Data Breach Exposes Data of Over 77,000 Customers
/in General NewsAn attacker snuck in by creating two new user accounts. Fidelity assures customers their investments aren’t affected.
Security | TechRepublic – Read More
Microsoft Previews New Windows Feature to Limit Admin Privileges
/in General NewsIn the latest Windows preview, Microsoft adds a feature — Administrator Protection — designed to prevent threat actors from easily escalating privileges and restrict lateral movement.
darkreading – Read More
OpenAI disrupts 20 campaigns to misuse its tech as federal officials mull international use of AI
/in General NewsThe AI giant published a 54-page report Wednesday detailing efforts by actors from China, Iran, Russia, Israel and other countries to misuse its technology for malicious purposes.
The Record from Recorded Future News – Read More
Mozilla fixes critical Firefox bug exploited in the wild
/in General NewsMozilla has patched a serious security flaw in its Firefox web browser that the company said is being exploited by hackers.
The Record from Recorded Future News – Read More
DDoS attacks on Internet Archive continue after data breach impacting 31 million
/in General NewsThe nonprofit Internet Archive, which also runs the Wayback Machine for web pages, said it was still facing trouble after a disruptive DDoS incident and data breach.
The Record from Recorded Future News – Read More
Deloitte: Why Only a Quarter of Cybersecurity Professionals are Women
/in General NewsDespite a huge talent shortage in the cybersecurity industry, women still feel discouraged from joining it due to concerns over their knowledge, its inclusivity, and the pay.
Security | TechRepublic – Read More
Simbian Introduces LLM AI Agents to Supercharge Threat Hunting and Incident Response
/in General NewsCybersecurity startup Simbian has launched three LLM AI Agents that work as virtual employees but with the speed, stamina, and accuracy of robots.
The post Simbian Introduces LLM AI Agents to Supercharge Threat Hunting and Incident Response appeared first on SecurityWeek.
SecurityWeek – Read More
Internet Archive (Archive.Org) Hacked: 31 Million Accounts Compromised
/in General NewsInternet Archive suffered a massive cyberattack, leading to a data breach where 31 million user records were stolen…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Walking the Tightrope Between Innovation & Risk
/in General NewsWhen employees and leaders engage with CISOs early in innovation projects, security concerns are addressed proactively, building trust and ensuring innovation and security coexist.
darkreading – Read More