BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Hundreds of Russian devices hit by Rare Werewolf crypto-mining attacks
/in General NewsThe campaign has affected hundreds of Russian users, particularly targeting industrial enterprises and engineering schools, with additional victims reported in Belarus and Kazakhstan.
The Record from Recorded Future News – Read More
Hackers Stole 300,000 Crash Reports From Texas Department of Transportation
/in General NewsThe Texas Department of Transportation has disclosed a data breach impacting the personal information included in 300,000 crash reports.
The post Hackers Stole 300,000 Crash Reports From Texas Department of Transportation appeared first on SecurityWeek.
SecurityWeek – Read More
Ongoing cyberattack at US grocery distributor giant UNFI affecting customer orders
/in General NewsUnited Natural Foods said it is “diligently managing through the cyber incident” that sparked disruption outages.
Security News | TechCrunch – Read More
Airlines Don’t Want You to Know They Sold Your Flight Data to DHS
/in General NewsA contract obtained by 404 Media shows that an airline-owned data broker forbids the feds from revealing it sold them detailed passenger data.
Security Latest – Read More
Vanta’s AI agent wants to run your compliance program — and it just might
/in General NewsVanta launches autonomous AI agent that automates security compliance workflows, helping enterprises save 12+ hours weekly on policy management and audit preparation.Read More
Security News | VentureBeat – Read More
How Cisco plans to stop rogue AI agent attacks inside your network
/in General NewsAs AI agents grow more powerful and unpredictable, Cisco unveils tools to lock down networks, track agent behavior, and prevent chaos before it spreads through your infrastructure.
Latest stories for ZDNET in Security – Read More
The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier
/in General NewsModern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely and efficiently without constant human oversight, which is where non-human identities (NHIs) come in. NHIs — including application secrets, API keys, service accounts, and OAuth tokens — have exploded in recent years, thanks to an
The Hacker News – Read More
Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud
/in General NewsSecurity researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
The post Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud appeared first on SecurityWeek.
SecurityWeek – Read More
Sensitive Information Stolen in Sensata Ransomware Attack
/in General NewsSensor manufacturer Sensata said a ransomware group had access to its network for more than a week and stole personal information.
The post Sensitive Information Stolen in Sensata Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Getty Images Sues Stability AI for Using Its Photos to Train AI Models
/in General NewsGetty Images accuses Stability AI of illegally using its content to train AI models in a high-stakes London…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More