BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Popular Chrome Extensions Found Leaking Data via Unencrypted Connections
/in General NewsPopular Chrome extensions exposed user data by sending it over unencrypted HTTP, raising privacy concerns. Symantec urges caution for users.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
OpenAI takes down ChatGPT accounts linked to state-backed hacking, disinformation
/in General NewsState-backed threat actors from a handful of countries are using ChatGPT for a range of malicious purposes, including malware refinement, employment scams and social media disinformation campaigns.
The Record from Recorded Future News – Read More
Nigeria jails 9 Chinese nationals for being part of international cyberfraud syndicate
/in General NewsThe group was arrested in December as part of a raid that included 599 Nigerians and 193 other foreign nationals, many of them Chinese, on suspicion of being involved in a range of online crimes.
The Record from Recorded Future News – Read More
Apple Mail freezing after updating to iOS 18.5? Here’s a fix you can try
/in General NewsIf the Apple Mail app is glitching or causing your iPhone screen to go blank, there are a couple of things you can do to resolve the issue.
Latest stories for ZDNET in Security – Read More
Synthetic Data Is Here to Stay, but How Secure Is It?
/in General NewsSynthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.
darkreading – Read More
NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU
/in General NewsiVerify’s NICKNAME discovery reveals a zero-click iMessage flaw exploited in targeted attacks on US & EU high-value individuals…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Off-brand IoT devices are still vulnerable to BadBox botnet, FBI says
/in General NewsTV streaming devices, digital projectors and other IoT devices are being infected with BadBox 2.0 malware after the original campaign was stifled by German law enforcement.
The Record from Recorded Future News – Read More
MSFT-CrowdStrike ‘Rosetta Stone’ for Naming APTs: Meh?
/in General NewsMicrosoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we’ve been here before.
darkreading – Read More
86 million A&T customer records reportedly up for sale on the dark web
/in General NewsThe leaked data contains names, dates of birth, phone numbers, email addresses, street addresses, and social security numbers.
Latest stories for ZDNET in Security – Read More
Kettering Health confirms attack by Interlock ransomware group as health record system is restored
/in General NewsThe Ohio-based Kettering Health system said a recent cyberattack was by the Interlock ransomware gang, which had claimed to steal troves of data from the organization.
The Record from Recorded Future News – Read More