BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Victoria’s Secret Delays Earnings Call Due to Cyber Incident
/in General NewsBut that didn’t stop the clothing retailer from issuing preliminary results for the first quarter of 2025.
darkreading – Read More
Smart Cars, Dumb Passwords: Auto Industry Still Runs on Weak Passwords
/in General NewsA new study by NordPass and NordStellar reveals the automotive industry is plagued by weak, reused, and common…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Phonely’s new AI agents hit 99% accuracy—and customers can’t tell they’re not human
/in General NewsPhonely, Maitai and Groq achieve breakthrough in AI phone support with sub-second response times and 99.2% accuracy, enabling human-level conversational AI for call centers.Read More
Security News | VentureBeat – Read More
Chrome Drops Trust for Chunghwa, Netlock Certificates
/in General NewsDigital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions by the respective companies.
darkreading – Read More
LummaC2 Fractures as Acreed Malware Becomes Top Dog
/in General NewsLummaC2 formerly accounted for almost 92% of Russian Market’s credential theft log alerts. Now, the Acreed infostealer has replaced its market share.
darkreading – Read More
Chrome Drops Trust for Chunghwa, Netlock Certificates
/in General NewsDigital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions by the respective companies.
darkreading – Read More
Phone chipmaker Qualcomm fixes three zero-days exploited by hackers
/in General NewsGoogle’s Threat Analysis Group, which investigates government-backed hacks, was credited with the discovery of the zero-days.
Security News | TechCrunch – Read More
Code Bug at Compliance Firm Vanta Leaks Customer Data to Other Clients
/in General NewsCompliance automation provider Vanta confirms a software bug exposed private customer data to other users, impacting hundreds of…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
The UK Brings Cyberwarfare Out of the Closet
/in General NewsThe UK’s 2025 Strategic Defence Review outlines a unified approach to modern warfare, integrating cyber, AI, and electromagnetic capabilities across military domains.
The post The UK Brings Cyberwarfare Out of the Closet appeared first on SecurityWeek.
SecurityWeek – Read More
How the Farm Industry Spied on Animal Rights Activists and Pushed the FBI to Treat Them as Bioterrorists
/in General NewsFor years, a powerful farm industry group served up information on activists to the FBI. Records reveal a decade-long effort to see the animal rights movement labeled a “bioterrorism” threat.
Security Latest – Read More