BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Nearly 94 Billion Stolen Cookies Found on Dark Web
/in General NewsCybersecurity experts warn of widespread data exposure as a recent investigation reveals a staggering number of internet cookies…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ukrainian police arrest hacker who used hosting firm’s servers to mine cryptocurrency
/in General NewsThe suspect, a native of the central Ukrainian city of Poltava, had been conducting cyberattacks since at least 2018, police said.
The Record from Recorded Future News – Read More
Anthropic unveils custom AI models for U.S. national security customers
/in General NewsAnthropic says that it has released a new set of AI models tailored for U.S. national security customers. The new models, a custom set of “Claude Gov” models, were “built based on direct feedback from our government customers to address real-world operational needs,” writes Anthropic in a blog post. Compared to Anthropic’s consumer- and enterprise-focused […]
Security News | TechCrunch – Read More
Backdoored Open Source Malware Repositories Target Novice Cybercriminals
/in General NewsA threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.
The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek.
SecurityWeek – Read More
Finding Balance in US AI Regulation
/in General NewsThe US can’t afford to wait for political consensus to catch up to technological change.
darkreading – Read More
UK tax authority reveals scammers stole £47 million
/in General NewsOfficials from His Majesty’s Revenue & Customs, the U.K.’s tax authority, said criminals took over accounts to pilfer £47 million ($63 million) last year.
The Record from Recorded Future News – Read More
FBI: Play ransomware gang has attacked 600 organizations since 2023
/in General NewsLaw enforcement officials said initial access brokers with ties to Play ransomware operators continue to exploit multiple vulnerabilities in remote monitoring and management tool SimpleHelp.
The Record from Recorded Future News – Read More
Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal
/in General NewsCellebrite and Corellium, whose names have been mentioned in spyware stories, are joining forces to provide advanced investigative solutions.
The post Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal appeared first on SecurityWeek.
SecurityWeek – Read More
ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware
/in General NewsResearchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.
The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek.
SecurityWeek – Read More
ClickFix Email Scam Alert: Fake Booking.com Emails Deliver Malware
/in General NewsCofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More