BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Operation Morpheus Disrupts 593 Cobalt Strike Servers Used for Ransomware
/in General NewsGlobal Operation Morpheus dismantles Cobalt Strike network: Law enforcement takes down criminal infrastructure used for ransomware and data…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition
/in General NewsLawmakers voted to advance legislation that would require AI companies to test their systems and add safety measures to prevent them from being potentially manipulated for malicious purposes.
The post California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition appeared first on SecurityWeek.
SecurityWeek – Read More
ShinyHunters Leak 33M Twilio Authy Phone Numbers, Neiman Marcus and Truist Bank Data
/in General NewsShinyHunters hackers have taken responsibility for three high-profile data breaches involving Neiman Marcus, Truist Bank, and Twilio Authy,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Alert: French Diplomats Targeted By Russian Cyber Attacks
/in General NewsANSSI warned about a hacking group linked to Russia’s SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion
Cyware News – Latest Cyber News – Read More
Hackers attack HFS servers to drop malware and Monero miners
/in General NewsHackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.
Cyware News – Latest Cyber News – Read More
Mekotio Banking Trojan Threatens Financial Systems in Latin America
/in General NewsThe Mekotio banking trojan is a highly sophisticated malware that targets Latin American countries, with a focus on stealing banking credentials. It spreads through phishing emails, tricking users into interacting with malicious links or attachments.
Cyware News – Latest Cyber News – Read More
Software Productivity Tools Hijacked to Deliver Infostealers
/in General NewsInnocuous little Windows programs were carrying cheap malware for weeks, exposing customers of the India-based software vendor to data theft.
darkreading – Read More
Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates
/in General NewsCanonical has released Ubuntu security updates to address bugs in Ghostscript, a tool used for interpreting PostScript and PDF files. These vulnerabilities could potentially allow attackers to bypass security restrictions or execute malicious code.
Cyware News – Latest Cyber News – Read More
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
/in General NewsSplunk has released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. These vulnerabilities include high-severity flaws such as Remote Code Execution (RCE) and Serialized Session Payload exploits.
Cyware News – Latest Cyber News – Read More
New Android Spyware Steals Data from Gamers and TikTok Users
/in General NewsTransparent Tribe Expands Android Spyware Arsenal: Gamers, Weapons Fans, and TikTok Users Targeted!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More