BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function
- [webapps] Simple File List WordPress Plugin 4.2.2 - File Upload to RCE
- [webapps] Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE
- [webapps] Joomla JS Jobs plugin 1.4.2 - SQL injection
- [remote] Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)
- [remote] Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname
- [webapps] Discourse 3.1.1 - Unauthenticated Chat Message Access
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field
500k Impacted by Texas Dow Employees Credit Union Data Breach
/in General NewsThe personal information of 500,000 Texas Dow Employees Credit Union members was compromised in the MOVEit hack last year.
The post 500k Impacted by Texas Dow Employees Credit Union Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
GenAI Models are Easily Compromised
/in General NewsGenAI security measures are easily compromised, with 95% of experts expressing low confidence in their security. Attack methods specific to GenAI make it easy for anyone to manipulate applications, gain unauthorized access, and steal data.
Cyware News – Latest Cyber News – Read More
American Radio Relay League Paid $1 Million to Ransomware Gang
/in General NewsThe American Radio Relay League (ARRL) says it paid out a $1 million ransom after falling victim to ransomware in May 2024.
The post American Radio Relay League Paid $1 Million to Ransomware Gang appeared first on SecurityWeek.
SecurityWeek – Read More
French Authorities Arrest Telegram CEO Pavel Durov at a Paris Airport, French Media Report
/in General NewsFrench media reported that the warrant for Durov was issued by France at the request of the special unit at the country’s interior ministry in charge of investigating crimes against minors.
The post French Authorities Arrest Telegram CEO Pavel Durov at a Paris Airport, French Media Report appeared first on SecurityWeek.
SecurityWeek – Read More
SonicWall Patches Critical SonicOS Vulnerability
/in General NewsSonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.
The post SonicWall Patches Critical SonicOS Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
NTLM Credential Theft Risk in Python Apps Threaten Windows Security
/in General NewsNew research reveals critical vulnerabilities in Python applications for Windows including Snowflake, Gradio, Jupyter, and Streamlit that could…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Stealthy ‘sedexp’ Linux Malware Evaded Detection for Two Years
/in General NewsA sophisticated Linux malware called ‘sedexp’ has been flying under the radar since 2022, utilizing a unique persistence technique not yet recognized by the MITRE ATT&CK framework.
Cyware News – Latest Cyber News – Read More
Uber to Appeal Dutch €290 Million GDPR Fine
/in General NewsThe Dutch Data Protection Authority has fined Uber €290 million ($320 million) for driver data transfer practices that allegedly violate GDPR.
The post Uber to Appeal Dutch €290 Million GDPR Fine appeared first on SecurityWeek.
SecurityWeek – Read More
Kremlin Blames Widespread Website Disruptions on DDoS Attack; Digital Experts Disagree
/in General NewsThe Kremlin attributed the widespread website disruptions in Russia to a DDoS attack, but digital experts disagree, stating that it is unlikely to target all 2,000 Russian telecom operators simultaneously.
Cyware News – Latest Cyber News – Read More
Hackers can Take Over Ecovacs Home Robots to Spy on Device Owners
/in General NewsResearchers recently warned that Ecovacs vacuum and lawn mower robots could be hacked to spy on their owners, with one flaw that allows attackers to take over devices’ cameras and microphones via Bluetooth.
Cyware News – Latest Cyber News – Read More