BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
- Lobo Guará - Cyber Threat Intelligence Platform
Exploit DB
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
- [remote] TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)
Google Chrome is killing more extensions than you think – is your old favorite on the list?
/in General NewsGoogle’s Manifest V3 platform is clobbering many popular extensions. Here’s why and what you can do about it.
Latest stories for ZDNET in Security – Read More
Cobalt Strike Abuse Dropped 80% in Two Years
/in General NewsFortra has shared an update on the effects of actions taken to reduce the abuse of Cobalt Strike by threat actors.
The post Cobalt Strike Abuse Dropped 80% in Two Years appeared first on SecurityWeek.
SecurityWeek – Read More
When Seconds Count: How to Survive Fast-and-Furious DDoS Microbursts
/in General NewsIn the battle against two-minute micro-attacks that can knock out critical communication services, the difference between success and failure can literally come down to seconds.
darkreading – Read More
Developer Convicted for Hacking Former Employer’s Systems
/in General NewsDavis Lu was convicted of sabotaging his employer’s systems through malicious code, and deleting encrypted data.
The post Developer Convicted for Hacking Former Employer’s Systems appeared first on SecurityWeek.
SecurityWeek – Read More
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links
/in General NewsThe Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024.
“The campaign, which leverages social media to distribute malware, is tied to the region’s current geopolitical climate,” Positive Technologies researchers Klimentiy Galkin and Stanislav Pyzhov said in an analysis published last week.
The Hacker News – Read More
Mass Exploitation of Critical PHP Vulnerability Begins
/in General NewsGreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers.
The post Mass Exploitation of Critical PHP Vulnerability Begins appeared first on SecurityWeek.
SecurityWeek – Read More
Google Paid Out $12 Million via Bug Bounty Programs in 2024
/in General NewsIn 2024, Google paid out nearly $12 million in bug bounties through its revamped vulnerability reward programs.
The post Google Paid Out $12 Million via Bug Bounty Programs in 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
560,000 People Impacted Across Four Healthcare Data Breaches
/in General NewsSeveral healthcare organizations in different US states have disclosed data breaches affecting 100,000-200,000 individuals.
The post 560,000 People Impacted Across Four Healthcare Data Breaches appeared first on SecurityWeek.
SecurityWeek – Read More
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
/in General NewsCyber threats today don’t just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds—ranging from nation-state espionage and ransomware to manipulated AI chatbots—the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our
The Hacker News – Read More
Most AI voice cloning tools aren’t safe from scammers, Consumer Reports finds
/in General NewsConsumer Reports assessed the most leading voice cloning tools, including Descript and ElevenLabs. Here’s the verdict.
Latest stories for ZDNET in Security – Read More