BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Cybercriminals Are Hiding Malicious Web Traffic in Plain Sight
/in General NewsIn an effort to evade detection, cybercriminals are increasingly turning to “residential proxy” services that cover their tracks by making it look like everyday online activity.
Security Latest – Read More
F5 Acquires Agentic AI Security Startup Fletch
/in General NewsAgentic AI technology will be integrated into the recently launched F5 Application Delivery and Security Platform.
darkreading – Read More
BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI Warns
/in General NewsThough the operation was partially disrupted earlier this year, the botnet remains active and continues to target connected Android devices.
darkreading – Read More
Popular Chrome Extensions Found Leaking Data via Unencrypted Connections
/in General NewsPopular Chrome extensions exposed user data by sending it over unencrypted HTTP, raising privacy concerns. Symantec urges caution for users.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
OpenAI takes down ChatGPT accounts linked to state-backed hacking, disinformation
/in General NewsState-backed threat actors from a handful of countries are using ChatGPT for a range of malicious purposes, including malware refinement, employment scams and social media disinformation campaigns.
The Record from Recorded Future News – Read More
Nigeria jails 9 Chinese nationals for being part of international cyberfraud syndicate
/in General NewsThe group was arrested in December as part of a raid that included 599 Nigerians and 193 other foreign nationals, many of them Chinese, on suspicion of being involved in a range of online crimes.
The Record from Recorded Future News – Read More
Apple Mail freezing after updating to iOS 18.5? Here’s a fix you can try
/in General NewsIf the Apple Mail app is glitching or causing your iPhone screen to go blank, there are a couple of things you can do to resolve the issue.
Latest stories for ZDNET in Security – Read More
Synthetic Data Is Here to Stay, but How Secure Is It?
/in General NewsSynthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.
darkreading – Read More
NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU
/in General NewsiVerify’s NICKNAME discovery reveals a zero-click iMessage flaw exploited in targeted attacks on US & EU high-value individuals…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Off-brand IoT devices are still vulnerable to BadBox botnet, FBI says
/in General NewsTV streaming devices, digital projectors and other IoT devices are being infected with BadBox 2.0 malware after the original campaign was stifled by German law enforcement.
The Record from Recorded Future News – Read More