BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach
/in General NewsA ransomware attack has become a supply chain issue, thanks to the victim’s partnerships with other financial services companies.
darkreading – Read More
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication
/in General NewsAdversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.
darkreading – Read More
5 ChromeOS settings you should change for a more secure Chromebook – here’s how
/in General NewsCan you improve Google’s default security settings? You sure can! Lock down your laptop with these quick and easy tweaks.
Latest stories for ZDNET in Security – Read More
Cyber Workforce Numbers Rise for Larger Organizations
/in General NewsSome organizations are also reaching record-high levels of cyber maturity, at 80% to 90%.
darkreading – Read More
PTC License Server Bug Needs Immediate Patch Against Critical Flaw
/in General NewsCreo Elements/Direct License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.
darkreading – Read More
Interlock Launches ThreatSlayer Web3 Security Extension and Incentivized Crowdsourced Internet Security Community
/in General NewsPost Content
darkreading – Read More
Rapid7 To Acquire Attack Surface Management Startup Noetic Cyber
/in General NewsCybersecurity firm Rapid7 has announced to acquired Noetic Cyber, a startup specializing in cyber asset attack surface management (CAASM). The terms of the deal were not disclosed.
Cyware News – Latest Cyber News – Read More
Odaseva Raises $54M Series C Round to Expand Product Offerings and Continue Category Leadership
/in General NewsPost Content
darkreading – Read More
Bloom Health Centers Provides Notice of Data Security Incident
/in General NewsPost Content
darkreading – Read More
Human Technology Inc. — Notification of Data Breach
/in General NewsPost Content
darkreading – Read More