BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Southeast Asian provider of ‘infrastructure laundering’ for scams is sanctioned by US
/in General NewsFunnull Technology supports “hundreds of thousands of websites” dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Department’s Office of Foreign Assets Control.
The Record from Recorded Future News – Read More
Unbound Raises $4 Million to Secure Gen-AI Adoption
/in General NewsSecurity startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly.
The post Unbound Raises $4 Million to Secure Gen-AI Adoption appeared first on SecurityWeek.
SecurityWeek – Read More
Your Asus router may be compromised – here’s how to tell and what to do
/in General NewsCybercriminals have hacked into thousands of Asus routers, possibly as a prelude to a widescale botnet attack, says a security firm.
Latest stories for ZDNET in Security – Read More
A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding
/in General NewsReflecting on 10 years since its launch, the honeypot maker explains why the company did not take on any VC funding.
Security News | TechCrunch – Read More
GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability
/in General NewsProfessional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans.
The post GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Our favorite budget video doorbell gets an upgrade – see what’s new with Amazon’s Blink
/in General NewsThe second-generation Blink Video Doorbell delivers a wider field of view, enhanced night vision, upgraded person detection, and more.
Latest stories for ZDNET in Security – Read More
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
/in General NewsPALO ALTO, California, 29th May 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
New Malware Spotted Corrupts Its Own Headers to Block Analysis
/in General NewsFortinet spots new malware that corrupts its own headers to block forensic analysis, hide behavior, and communicate with its C2 server.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Victoria’s Secret Website Taken Offline After Cyberattack
/in General NewsWebsite remains offline following suspected cyber incident, as experts warn of escalating threats targeting major retailers
The post Victoria’s Secret Website Taken Offline After Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Adidas Data Breach Linked to Third-Party Vendor
/in General NewsAdidas said hackers accessed a “third-party customer service provider” and stole customer information.
The post Adidas Data Breach Linked to Third-Party Vendor appeared first on SecurityWeek.
SecurityWeek – Read More