BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Paragon says it canceled contracts with Italy over government’s refusal to investigate spyware attack on journalist
/in General NewsThe Italian government claims that accepting Paragon’s help would have compromised national security and classified information.
Security News | TechCrunch – Read More
Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’
/in General NewsForeign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses.
The post Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’ appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign
/in General NewsAnti-malware vendor said it spent the past twelve months deflecting a stream of network reconnaissance probes from China-nexus threat actors
The post Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
Limited Canva Creator Data Exposed Via AI Chatbot Database
/in General NewsA Chroma database operated by Russian AI chatbot startup My Jedai was found exposed online, leaking survey responses…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS
/in General NewsSentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
/in General NewsA now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) attacks.
Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score: 9.9), an unsafe deserialization vulnerability that
The Hacker News – Read More
Major US grocery distributor warns of disruption after cyberattack
/in General NewsUNFI, a grocery distributor for Whole Foods and others, warned of disruptions to customer orders after a cyberattack.
Security News | TechCrunch – Read More
Major food wholesaler says cyberattack impacting distribution systems
/in General NewsThe statement said the Rhode Island-based company identified unauthorized activity on its systems on Thursday, prompting officials to take systems offline. The action “has temporarily impacted the Company’s ability to fulfill and distribute customer orders.”
The Record from Recorded Future News – Read More
New hacker group uses LockBit ransomware variant to target Russian companies
/in General NewsIn its latest campaign this spring, DarkGaboon was observed deploying LockBit 3.0 ransomware against victims in Russia, Positive Technologies said in a report last week.
The Record from Recorded Future News – Read More
Mirai Botnets Exploiting Wazuh Security Platform Vulnerability
/in General NewsCVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.
The post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More