BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
- [local] Microsoft Excel Use After Free - Local Code Execution
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
HardBit Ransomware Version 4.0 Supports New Obfuscation Techniques
/in General NewsTo ensure victims cannot recover encrypted files easily, the ransomware deletes the Volume Shadow Copy Service (VSS) and makes adjustments to the boot configuration to prevent errors upon restart.
Cyware News – Latest Cyber News – Read More
This rugged Blackview phone truly has it all – this Amazon Prime Day it’s cheaper than it’s ever been
/in General NewsAre you looking for an Android 13 phone that offers thermal imaging, night vision, and won’t break the bank? Get this on Amazon Prime Day for $350.
Latest news – Read More
I returned my Apple Vision Pro and Meta Quest 3 for these XR glasses – and they’re 30% off for Prime Day
/in General NewsThe Viture One XR glasses expand your viewing experience and are now just $299 for Amazon Prime Day.
Latest news – Read More
CISO Conversations: Frank Kim (YL Ventures) and Charles Blauner (Team8)
/in General NewsFrank Kim and Charles Blauner are responsible for security at both their own company and for the companies in which their firms invest.
The post CISO Conversations: Frank Kim (YL Ventures) and Charles Blauner (Team8) appeared first on SecurityWeek.
SecurityWeek – Read More
This portable power station has a standout feature that makes camping safer than ever, and it’s $200 off on Amazon Prime Day
/in General NewsThe Anker Solix C800 Plus has a trick up its sleeve that I wish more portable power stations had, and it’s now only $399 in the Amazon Prime Day sales.
Latest news – Read More
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
/in General NewsCybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server.
The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have been taken down by the npm security team.
“They
The Hacker News – Read More
Hackers Exploit Flaw in Squarespace Migration to Hijack Domains
/in General NewsHackers exploited a flaw to hijack cryptocurrency domains that were migrated from Google Domains to Squarespace.
The post Hackers Exploit Flaw in Squarespace Migration to Hijack Domains appeared first on SecurityWeek.
SecurityWeek – Read More
One of the best-looking hybrid smartwatches is 20% off for Prime Day
/in General NewsPininfarina’s hybrid entry boasts excellent hardware and watch software, with a design that will make you look twice. The Amazon Prime Day deal won’t last as long as the battery.
Latest news – Read More
DNS Hijacks Target Cryptocurrency Platforms Registered With Squarespace
/in General NewsA coordinated wave of DNS hijacking attacks recently targeted decentralized finance (DeFi) cryptocurrency domains. Attackers used the Squarespace registrar to redirect visitors to phishing sites that aimed to steal cryptocurrency and NFTs.
Cyware News – Latest Cyber News – Read More
Disney Investigating Hacker Group’s Data Theft Claims
/in General NewsDisney has launched an investigation after a hacker group named NullBulge leaked data allegedly stolen from the company.
The post Disney Investigating Hacker Group’s Data Theft Claims appeared first on SecurityWeek.
SecurityWeek – Read More