BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals
/in General NewsiVerify links iPhone crashes to sophisticated zero-click attacks via iMessage targeting individuals involved in politics in the EU and US.
The post iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals appeared first on SecurityWeek.
SecurityWeek – Read More
NHS calls for 1 million blood donors as UK stocks remain low following cyberattack
/in General NewsA cyberattack on London hospitals last year led to the depletion of stocks of crucial O-type blood, and the U.K.’s National Health Service is calling for a nationwide effort to shore up supplies.
The Record from Recorded Future News – Read More
Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises
/in General NewsTel Aviv, Israel, 9th June 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers
/in General NewsThe US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes.
The post US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers appeared first on SecurityWeek.
SecurityWeek – Read More
New PathWiper Malware Strikes Ukraine’s Critical Infrastructure
/in General NewsCisco Talos discovers PathWiper, a destructive new malware targeting critical infrastructure in Ukraine, highlighting ongoing cyber threats amidst the Russia-Ukraine conflict.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison
/in General NewsKingsley Uchelue Utulu has been sentenced to more than 5 years in prison for his role in a scheme that involved hacking, fraud and identity theft.
The post Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison appeared first on SecurityWeek.
SecurityWeek – Read More
Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies
/in General NewsPresident Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders.
The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek.
SecurityWeek – Read More
OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups
/in General NewsOpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things.
“The [Russian-speaking] actor used our models to assist with developing and refining
The Hacker News – Read More
Hackers Using Fake IT Support Calls to Breach Corporate Systems, Google
/in General NewsA financially motivated group of hackers known as UNC6040 is using a simple but effective tactic to breach…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
/in General NewsCybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware.
The malware, introduced via a change to “lib/commonjs/index.js,” allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
The Hacker News – Read More