BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Electric Motor Giant Nidec Confirms Data Stolen in Ransomware Attack
/in General NewsElectric motor manufacturer Nidec confirms business and internal documents were stolen in a ransomware attack.
The post Electric Motor Giant Nidec Confirms Data Stolen in Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
US Government Says Relying on Chinese Lithium Batteries Is Too Risky
/in General NewsA new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security.
Security Latest – Read More
AI and Hardware Hacking on the Rise
/in General NewsBugcrowd’s Inside the Mind of a Hacker report surveys the thoughts of one of the world’s largest hacker communities.
The post AI and Hardware Hacking on the Rise appeared first on SecurityWeek.
SecurityWeek – Read More
Internet Archive Hacked Again During Service Restoration Efforts
/in General NewsThe Internet Archive has suffered an email hack while working to restore services impacted by the recent cyberattacks.
The post Internet Archive Hacked Again During Service Restoration Efforts appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
/in General NewsCybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data.
“The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext,” ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong
The Hacker News – Read More
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
/in General NewsThe “Code-on-Toast” supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.
darkreading – Read More
Cyprus Thwarted a Digital Attack Against the Government’s Main Online Portal
/in General NewsCyprus said that it has successfully thwarted a DDoS attack aimed at blocking access to the government’s central online portal.
The post Cyprus Thwarted a Digital Attack Against the Government’s Main Online Portal appeared first on SecurityWeek.
SecurityWeek – Read More
“HM Surf” macOS Flaw Lets Attackers Access Camera and Mic – Patch Now!
/in General NewsResearchers at Microsoft discovered a new macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The AI edge in cybersecurity: Predictive tools aim to slash response times
/in General NewsAI’s ability to sift through massive amounts of data, identify patterns and constantly learn makes it invaluable in cybersecurity.Read More
Security News | VentureBeat – Read More
Mirai-Inspired Gorilla Botnet Hits 0.3 Million Targets Across 100 Countries
/in General NewsA new Gorilla Botnet has launched massive DDoS attacks, targeting over 100 countries, according to cybersecurity firm NSFOCUS.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More