BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users
/in General NewsA mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December.
The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek.
SecurityWeek – Read More
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
/in General NewsKrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Coinbase says its data breach affects at least 69,000 customers
/in General NewsThe crypto giant said the unauthorized access to customer data dates back to late December 2024.
Security News | TechCrunch – Read More
M&S says cyberattack will hit profits by £300 million, disruption to last until July
/in General NewsBritish retailer M&S reported that a recent cyberattack will have a £300 million impact on its operating profit “before cost mitigation, insurance and trading actions.”
The Record from Recorded Future News – Read More
US Student to Plead Guilty Over PowerSchool Hack
/in General NewsMatthew Lane allegedly hacked PowerSchool using stolen credentials and admitted to extorting a telecoms provider.
The post US Student to Plead Guilty Over PowerSchool Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Cellcom Service Disruption Caused by Cyberattack
/in General NewsWireless carrier Cellcom has confirmed that a week-long widespread service outage is the result of a cyberattack.
The post Cellcom Service Disruption Caused by Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
3 Teens Almost Got Away With Murder. Then Police Found Their Google Searches
/in General NewsAn arson attack in Colorado had detectives stumped. The way they solved the case could put everyone at risk.
Security Latest – Read More
Scammers Use Fake Kling AI Ads to Spread Malware
/in General NewsScammers impersonate Kling AI (AI-powered video generation tool) using fake ads and websites to spread malware. Check Point Research details how the attack tricks users into downloading RATs.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Ransomware Attack Forces Kettering Health to Cancel Procedures
/in General NewsKettering Health has canceled inpatient and outpatient procedures as it deals with a system-wide outage caused by a ransomware attack.
The post Ransomware Attack Forces Kettering Health to Cancel Procedures appeared first on SecurityWeek.
SecurityWeek – Read More
Critical OpenPGP.js Vulnerability Allows Spoofing
/in General NewsAn OpenPGP.js vulnerability tracked as CVE-2025-47934 allows message signature verification to be spoofed.
The post Critical OpenPGP.js Vulnerability Allows Spoofing appeared first on SecurityWeek.
SecurityWeek – Read More