BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
- Pulsegram - Integrated Keylogger With Telegram
Exploit DB
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
- [local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
- [local] unzip-stream 0.3.1 - Arbitrary File Write
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
Beyond encryption: Why quantum computing might be more of a science boom than a cybersecurity bust
/in General NewsWhile quantum computers will be able to break traditional encryption, we’re still a long way from “No More Secrets” decryption.Read More
Security News | VentureBeat – Read More
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances.
“RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that
The Hacker News – Read More
Don’t make this USB mistake! Protect your data with this discounted encrypted gadget
/in General NewsKingston’s IronKey is one of the most secure USBs you can buy, from a military-standardized build to a complex passphrase mode.
Latest stories for ZDNET in Security – Read More
X (Twitter) Largest Data Breach Ever? 2.8 Billion User Info Leaked
/in General NewsMassive Twitter (X) data breach exposes details of 2.8 billion users; alleged insider leak surfaces with no official response from the company.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Top Trump Officials’ Passwords and Personal Phone Numbers Discovered Online
/in General NewsPlus: Alleged Snowflake hacker will be extradited to US, internet restrictions create an information vacuum in Myanmar, and London gets its first permanent face recognition cameras.
Security Latest – Read More
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials
/in General NewsCybersecurity researchers have discovered a new Android banking malware called Crocodilus that’s primarily designed to target users in Spain and Turkey.
“Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remote control, black screen overlays, and advanced data harvesting via accessibility logging,”
The Hacker News – Read More
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
/in General NewsPalo Alto, USA, 29th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability
/in General NewsIn what’s an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process.
Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract
The Hacker News – Read More
Evilginx Tool (Still) Bypasses MFA
/in General NewsBased on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.
darkreading – Read More
New Morphing Meerkat Phishing Kit Exploits DNS to Spoof 100+ Brands
/in General NewsA recent analysis published by Infoblox reveals a sophisticated phishing operation, dubbed Morphing Meerkat, actively exploiting DNS vulnerabilities…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More