BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal
/in General NewsCellebrite and Corellium, whose names have been mentioned in spyware stories, are joining forces to provide advanced investigative solutions.
The post Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal appeared first on SecurityWeek.
SecurityWeek – Read More
ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware
/in General NewsResearchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.
The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek.
SecurityWeek – Read More
ClickFix Email Scam Alert: Fake Booking.com Emails Deliver Malware
/in General NewsCofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison
/in General NewsSagar Steven Singh and Nicholas Ceraolo, members of the Vile group, get prison sentences for identity theft and hacking.
The post Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison appeared first on SecurityWeek.
SecurityWeek – Read More
Carding Marketplace BidenCash Shut Down by Authorities
/in General NewsAuthorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information.
The post Carding Marketplace BidenCash Shut Down by Authorities appeared first on SecurityWeek.
SecurityWeek – Read More
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
/in General NewsThe U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash.
“The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information,” the DoJ said. “BidenCash
The Hacker News – Read More
Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach
/in General NewsLee Enterprises has completed its investigation into the recent ransomware attack and confirmed that a data breach occurred.
The post Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Gang Leaks Alleged Kettering Health Data
/in General NewsThe Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack.
The post Ransomware Gang Leaks Alleged Kettering Health Data appeared first on SecurityWeek.
SecurityWeek – Read More
What Really Happened in the Aftermath of the Lizard Squad Hacks
/in General NewsOn Christmas Day in 2014 hackers knocked out the Xbox and PlayStation gaming networks, impacting how video game companies handled cybersecurity for years.
Security Latest – Read More
Iranian APT ‘BladedFeline’ Hides in Network for 8 Years
/in General NewsESET published research on the Iranian APT “BladedFeline,” which researchers believe is a subgroup of the cyber-espionage entity APT34.
darkreading – Read More