BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
Protect Data Differently for a Different World
/in General NewsAdopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric security approach.
darkreading – Read More
AI in the Enterprise: Cutting Through the Hype and Assessing Real Risks
/in General NewsThe introduction of AI can bring benefits to the enterprise while not introducing additional risk that is beyond acceptable levels.
The post AI in the Enterprise: Cutting Through the Hype and Assessing Real Risks appeared first on SecurityWeek.
SecurityWeek – Read More
Cryptonator Seized for Laundering Ransom Payments, Stolen Crypto
/in General NewsThe U.S. and German law enforcement have seized the domain of the Cryptonator crypto wallet platform, indicting its operator, Roman Boss, for money laundering and running an unlicensed money service business.
Cyware News – Latest Cyber News – Read More
Protect AI Raises $60M in Series B Financing
/in General NewsProtect AI, a Seattle-based AI and ML security company, raised $60M in Series B funding led by Evolution Equity Partners, with participation from 01 Advisors, StepStone Group, Samsung, and existing investors.
Cyware News – Latest Cyber News – Read More
The Pros and Cons of Bitcoin
/in General NewsBitcoin, the first and most popular cryptocurrency, offers high potential returns but comes with high volatility and a…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning
/in General NewsChinese group StormBamboo spotted delivering Windows and macOS malware by compromising an ISP and using DNS poisoning.
The post Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning appeared first on SecurityWeek.
SecurityWeek – Read More
How Regional Regulations Shape Global Cybersecurity Culture
/in General NewsUltimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world.
darkreading – Read More
Former NSA Director Paul Nakasone Joins Ballistic Ventures as Strategic Advisor
/in General NewsNakasone will assess the firm’s investments and offer strategic support to portfolio companies in the fight against adversarial advances in the cyber domain.
The post Former NSA Director Paul Nakasone Joins Ballistic Ventures as Strategic Advisor appeared first on SecurityWeek.
SecurityWeek – Read More
Apache OFBiz Users Warned of New and Exploited Vulnerabilities
/in General NewsOrganizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed.
The post Apache OFBiz Users Warned of New and Exploited Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
New BlankBot Android Malware Targets Users’ Banking Data
/in General NewsBlankBot, which is still in development, has advanced features like screen recording, keylogging, and remote control, posing a significant threat due to its evasion techniques.
Cyware News – Latest Cyber News – Read More