BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Warning: New Adware Campaign Targets Meta Quest App Seekers
/in General NewsA new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust.
“The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes,” cybersecurity firm eSentire said in an analysis, adding it identified the activity earlier this month.
”
The Hacker News – Read More
A Catastrophic Hospital Hack Ends in a Leak of 300M Patient Records
/in General NewsPlus: Alleged Apple source code leaks online, cybercrime group Scattered Spider’s alleged kingpin gets arrested, and more.
Security Latest – Read More
U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban
/in General NewsThe U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department.
The move “underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber
The Hacker News – Read More
LAUSD Data Breach: Hackers Leak 25M Records, Including Student Locations
/in General NewsThe Los Angeles Unified School District (LAUSD) suffered a massive data breach due to a Snowflake vulnerability, exposing personal details of millions of students and thousands of teachers and staff.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Australian Organizations are Fascinated With Copilot for Microsoft 365, But Will They Avoid The “Gotchas”?
/in General NewsAccording to Gartner, there are gotchas that can impede an organization’s ability to embrace Copilot. Here’s what enterprises interested in implementing Copilot should keep in mind.
Security | TechRepublic – Read More
Kaspersky’s US Customers Face Tight Deadline Following Govt. Ban
/in General NewsAfter Sept. 29, 2024, organizations and individuals that continue using the vendor’s products will no longer receive any updates or support.
darkreading – Read More
Why Anthropic’s Artifacts may be this year’s most important AI feature: Unveiling the interface battle
/in General NewsAnthropic’s Artifacts, a new AI workspace feature, may revolutionize human-AI interaction and reshape enterprise software, signaling a shift in focus from raw capabilities to user experience in the competitive AI landscape.Read More
Security News | VentureBeat – Read More
CISO Corner: Critical Infrastructure Misinformation; France’s Atos Bid
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Inside China’s civilian hacker army; outer space threats; and NIST 2.0 Framework secrets for success.
darkreading – Read More
Gartner: 3 Actions to Achieve Cybersecurity Consolidation
/in General NewsIn this TechRepublic exclusive, Gartner VP Analyst Dionisio Zumerle shares three leadership strategies for achieving cybersecurity platform consolidation.
Security | TechRepublic – Read More
VicOne Solutions for Detection of Zero-Day Vulnerabilities and Contextualized Attack Paths
/in General NewsPost Content
darkreading – Read More