BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Legal Aid Agency Warns Lawyers, Defendants on Data Breach
/in General NewsThe online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal assistance will still be able to access help.
darkreading – Read More
UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen
/in General NewsThe UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
A Silicon Valley VC Says He Got the IDF Starlink Access Within Days of October 7 Attack
/in General NewsSequoia Capital partner Shaun Maguire said in a webinar hosted by Israel’s Defense Ministry that he connected the IDF with SpaceX’s Starlink satellite internet far sooner than believed.
Security Latest – Read More
Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack
/in General NewsEric Council Jr. sentenced for 2024 SIM swap that led to fake Bitcoin ETF tweet from SEC’s X account, briefly impacting crypto markets.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Microsoft goes all in on Anthropic’s MCP standard for safer AI agent deployments
/in General NewsMicrosoft anounced support for the AI data connection standard across its platform at Build 2025.
Latest stories for ZDNET in Security – Read More
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
/in General NewsSeveral ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts.
“Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early 2025, we have observed multiple ransomware operators using it
The Hacker News – Read More
Pharma giant Regeneron to buy 23andMe and its customers’ data for $256M
/in General News23andMe was sold by bankruptcy auction, a year after the company had a massive data breach.
Security News | TechCrunch – Read More
Reddit, Webflow, and Superhuman are already customers—now GrowthX has $12M to grow
/in General NewsGrowthX secures $12M in funding for its “service-as-software” platform that combines AI with human expertise to boost content marketing results by up to 300%.Read More
Security News | VentureBeat – Read More
SolarWinds security chief on the risks and rewards of being a CISO
/in General NewsAt the RSA Conference in San Francisco this year, Tim Brown talked about the protection CISOs need, Russia’s continued attempts to launch attacks and how companies can navigate the treacherous waters of cyber incidents.
The Record from Recorded Future News – Read More
Over 40,000 iOS Apps Found Exploiting Private Entitlements, Zimperium
/in General NewsA new report from Zimperium is alerting users about growing threats facing iOS devices, particularly those tied to…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More