BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] ABB Cylon Aspect Studio 3.08.03 - Binary Planting
- [remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
- [local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege
- [webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
- [webapps] Java-springboot-codebase 1.1 - Arbitrary File Read
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
- [remote] ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation
- [remote] Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise
/in General NewsThe tools are being positioned as crucial to help business customers meet requirements for regulations like FINRA, HIPAA, and GDPR.
The post OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise appeared first on SecurityWeek.
SecurityWeek – Read More
High-Severity Cisco Bug Grants Attackers Password Access
/in General NewsThe vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.
darkreading – Read More
This rugged Android breaks the curse of ugly-yet-durable smartphones (and it’s on sale)
/in General NewsIf you’re looking for a rugged Android that performs better than most low-to-mid-range phones, the Oukitel WP35 offers extreme durability in a stylish package.
Latest news – Read More
Dyson’s new wireless headphones ‘OnTrac’ to challenge AirPods Max
/in General NewsCheaper than Dyson’s previous headphones, the new OnTrac model offers greater battery life, active noise cancellation, and replaceable ear cushions.
Latest news – Read More
I replaced my TV with this long-throw projector and it’s absolutely worth it – especially for $200 off
/in General NewsXgimi’s Horizon Ultra projector is the best home theatre system I’ve tested in a while, and it’s more accessible than ever.
Latest news – Read More
Will the Galaxy S25 get satellite texting? Samsung is working on the feature again
/in General NewsSamsung has been working on satellite connectivity for at least a year. Will it finally catch up to Apple in the space race?
Latest news – Read More
Unidentified Attacker “Revolver Rabbit” Uses RDGA to Register 500,000 Domains
/in General NewsAlthough not new, Registered Domain Generation Algorithms (RDGAs) have become a major cybersecurity threat, exploited by threat actors…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns
/in General NewsChinese government-backed hacking team caught breaking into organizations in shipping, logistics and automotive sectors in Europe and Asia.
The post Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft-Signed Chinese Adware Opens the Door to Kernel Privileges
/in General NewsAn official stamp of approval might give the impression that a purported “HotPage” adtech tool is not, in fact, a dangerous kernel-level malware — but that’s just subterfuge.
darkreading – Read More
This sports watch has a ChatGPT-like running coach. Here’s how it works
/in General NewsThe Amazfit Cheetah smartwatch is built with runners in mind, so much so that it comes with its own AI training bot.
Latest news – Read More