BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Pulsegram - Integrated Keylogger With Telegram
- Scrapling - An Undetectable, Powerful, Flexible, High-Performance Python Library That Makes Web Scraping Simple And Easy Again!
- VulnKnox - A Go-based Wrapper For The KNOXSS API To Automate XSS Vulnerability Testing
- Camtruder - Advanced RTSP Camera Discovery and Vulnerability Assessment Tool
- Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit
- PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More
- Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10
- Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
Exploit DB
- [local] Microsoft Windows 11 - Kernel Privilege Escalation
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
- [remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
- [webapps] WordPress Core 6.2 - Directory Traversal
- [remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
- [remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
Hacker Leaks 144GB of Royal Mail Group Data, Blames Supplier Spectos
/in General NewsHacker leaks 144GB of sensitive Royal Mail Group data, including customer info and internal files, claiming access came via supplier Spectos. Investigation underway!
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
T-Mobile settlement payouts begin this month – how much you could get
/in General NewsAfter a 2021 data breach affected 76 million customers, settlement checks are finally on the way. Here’s what you can expect.
Latest stories for ZDNET in Security – Read More
Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say
/in General NewsA lawyer for Xiaofeng Wang and his wife says they are “safe” after FBI searches of their homes and Wang’s sudden dismissal from Indiana University, where he taught for over 20 years.
Security Latest – Read More
Vulnerabilities Expose Jan AI Systems to Remote Manipulation
/in General NewsVulnerabilities in open source ChatGPT alternative Jan AI expose systems to remote, unauthenticated manipulation.
The post Vulnerabilities Expose Jan AI Systems to Remote Manipulation appeared first on SecurityWeek.
SecurityWeek – Read More
Serial Entrepreneurs Raise $43M to Counter AI Deepfakes, Social Engineering
/in General NewsAdaptive is pitching a security platform designed to replicate real-world attack scenarios through AI-generated deepfake simulations.
The post Serial Entrepreneurs Raise $43M to Counter AI Deepfakes, Social Engineering appeared first on SecurityWeek.
SecurityWeek – Read More
A new security fund opens up to help protect the fediverse
/in General NewsA new security fund aims to help apps in the fediverse — like Mastodon, Threads, and Pixelfed — to pay researchers for disclosing security bugs.
Security News | TechCrunch – Read More
CSAM platform Kidflix shut down by international operation
/in General NewsA multi-year operation against the child sexual abuse material (CSAM) platform Kidflix has led to dozens of arrests and the seizure of tens of thousands of illegal videos, Europol said Wednesday.
The Record from Recorded Future News – Read More
Cyberhaven Banks $100 Million in Series D, Valuation Hits $1 Billion
/in General NewsCyberhaven bags $100 million in funding at a billion-dollar valuation, a sign that investors remain bullish on data security startups.
The post Cyberhaven Banks $100 Million in Series D, Valuation Hits $1 Billion appeared first on SecurityWeek.
SecurityWeek – Read More
Anthropic flips the script on AI in education: Claude’s Learning Mode makes students do the thinking
/in General NewsAnthropic launches Claude for Education with Learning Mode that teaches critical thinking rather than providing answers, partnering with top universities to transform AI’s role in education.Read More
Security News | VentureBeat – Read More
Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU
/in General NewsApple’s iOS 18.4 lets EU users choose default navigation apps like Google Maps or Waze, complying with the Digital Markets Act for more competition and user control.
Security | TechRepublic – Read More