BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
This XR media and gaming hub is surprisingly useful and affordable
/in General NewsThe Xreal Beam Pro serves as a central repository to alleviate content fragmentation and save your phone battery.
Latest news – Read More
These XR glasses gave me three virtual MacBook screens to work with – and they’re 20% off for Prime Day
/in General NewsThe Viture One Lite XR glasses offer a more accessible price point than the Viture Pro, but don’t sacrifice many features to get there.
Latest news – Read More
AutoNation Says CDK Global Ransomware Attack Impacted Earnings
/in General NewsCar dealership AutoNation has informed the SEC that the CDK Global ransomware attack impacted its quarterly earnings.
The post AutoNation Says CDK Global Ransomware Attack Impacted Earnings appeared first on SecurityWeek.
SecurityWeek – Read More
HardBit Ransomware Version 4.0 Supports New Obfuscation Techniques
/in General NewsTo ensure victims cannot recover encrypted files easily, the ransomware deletes the Volume Shadow Copy Service (VSS) and makes adjustments to the boot configuration to prevent errors upon restart.
Cyware News – Latest Cyber News – Read More
This rugged Blackview phone truly has it all – this Amazon Prime Day it’s cheaper than it’s ever been
/in General NewsAre you looking for an Android 13 phone that offers thermal imaging, night vision, and won’t break the bank? Get this on Amazon Prime Day for $350.
Latest news – Read More
I returned my Apple Vision Pro and Meta Quest 3 for these XR glasses – and they’re 30% off for Prime Day
/in General NewsThe Viture One XR glasses expand your viewing experience and are now just $299 for Amazon Prime Day.
Latest news – Read More
CISO Conversations: Frank Kim (YL Ventures) and Charles Blauner (Team8)
/in General NewsFrank Kim and Charles Blauner are responsible for security at both their own company and for the companies in which their firms invest.
The post CISO Conversations: Frank Kim (YL Ventures) and Charles Blauner (Team8) appeared first on SecurityWeek.
SecurityWeek – Read More
This portable power station has a standout feature that makes camping safer than ever, and it’s $200 off on Amazon Prime Day
/in General NewsThe Anker Solix C800 Plus has a trick up its sleeve that I wish more portable power stations had, and it’s now only $399 in the Amazon Prime Day sales.
Latest news – Read More
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
/in General NewsCybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server.
The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have been taken down by the npm security team.
“They
The Hacker News – Read More
Hackers Exploit Flaw in Squarespace Migration to Hijack Domains
/in General NewsHackers exploited a flaw to hijack cryptocurrency domains that were migrated from Google Domains to Squarespace.
The post Hackers Exploit Flaw in Squarespace Migration to Hijack Domains appeared first on SecurityWeek.
SecurityWeek – Read More