BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Following Data Breach, Multiple Stalkerware Apps Go Offline
/in General NewsThe same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims’ data.
darkreading – Read More
Decentralized crypto platform Cetus hit with $223 million hack
/in General NewsThe company paused the platform for safety reasons before confirming that an attacker had stolen the funds.
The Record from Recorded Future News – Read More
3am Ransomware Adopts Email Bombing, Vishing Combo Attack
/in General NewsThe emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access for ransomware deployment.
darkreading – Read More
Feds Charge 16 Russians Allegedly Tied to Botnets Used in Ransomware, Cyberattacks, and Spying
/in General NewsA new US indictment against a group of Russian nationals offers a clear example of how, authorities say, a single malware operation can enable both criminal and state-sponsored hacking.
Security Latest – Read More
Microsoft says Lumma password stealer malware found on 394,000 Windows PCs
/in General NewsMicrosoft and law enforcement announced a coordinated takedown of the Lumma pasword-stealing malware.
Security News | TechCrunch – Read More
Operation RapTor: 270 Arrested in Global Crackdown on Dark Web Vendors
/in General NewsGlobal crackdown: Operation RapTor leads to 270 arrests, millions seized as law enforcement targets dark web drug, weapon, and crypto vendors.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
7 ways to thwart phone thieves – and avoid China’s infamous ‘stolen iPhone building’
/in General NewsPhone theft is on the rise, especially in major cities. Even locked phones are tempting targets for thieves, as they can be sold for parts. Here’s how to protect your device before it’s too late.
Latest stories for ZDNET in Security – Read More
CISA: Russia’s Fancy Bear Targeting Logistics, IT Firms
/in General NewsThe mission is to gather information that could help Russia in its war against Ukraine.
darkreading – Read More
Chinese-speaking hackers targeting US municipalities with Cityworks bug
/in General NewsSince January, cybersecurity experts have seen Chinese-speaking hackers exploiting a bug impacting a tool used by local governments to manage critical infrastructure assets and other services.
The Record from Recorded Future News – Read More
Anthropic overtakes OpenAI: Claude Opus 4 codes seven hours nonstop, sets record SWE-Bench score and reshapes enterprise AI
/in General NewsAnthropic’s Claude Opus 4 outperforms OpenAI’s GPT-4.1 with unprecedented seven-hour autonomous coding sessions and record-breaking 72.5% SWE-bench score, transforming AI from quick-response tool to day-long collaborator.Read More
Security News | VentureBeat – Read More