BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one.
/in General NewsA simple trick can remove malicious Android spyware apps that require a password to uninstall.
Security News | TechCrunch – Read More
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
/in General NewsAn unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data.
The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
/in General NewsCybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance
/in General NewsJacksonville, United States, 3rd April 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Payment Fraud Detection and Prevention: Here’s All To Know
/in General NewsHere are the most common and latest advancements in payment fraud strategies and payment fraud prevention tools for protecting your business.
Security | TechRepublic – Read More
AutonomyAI Emerges from Stealth with $4M Pre-Seed Funding to Transform Front-End Development with Autonomous AI Agents
/in General NewsThe first-of-its-kind solution integrates with company codebases, enabling AI agents to work in-context and generate production-grade, front-end code in minutes.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Social Engineering Just Got Smarter
/in General NewsPolices that forbid employees from divulging company details are worthless if the same information can be obtained from sources employees have no control over.
darkreading – Read More
A bizarre iOS 18.4 bug is surprising iPhone users with random app installs
/in General NewsWake up to a new app on your iPhone after the iOS 18.4 update? You’re not the only one.
Latest stories for ZDNET in Security – Read More
Hunters International Ransomware Gang Rebranding, Shifting Focus
/in General NewsThe notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion.
The post Hunters International Ransomware Gang Rebranding, Shifting Focus appeared first on SecurityWeek.
SecurityWeek – Read More
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
/in General NewsCybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More