Red Hot Cyber. The Cybersecurity Blog
Featured Articles

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two ne...

Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vul...

What we wrote in the article ” Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin ” on Red Hot Cyber on July 23rd is now fully consistent with the inf...

Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities . In a recent advisory, the company emphasizes that such tools pose un...
React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182
Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed
Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks
Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387
Apache HTTP Server Update Fixes Critical Security Vulnerabilities
Cyber Insurance: Why Basic Hygiene Matters

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182
Redazione RHC - December 4th, 2025
In 2025, the IT and security communities are buzzing with excitement over a single name: " React2Shell ." With the disclosure of a new vulnerability, CVE-2025-55182, classified as CVSS 10.0,...

Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed
Redazione RHC - December 4th, 2025
Cloudflare is back in the spotlight after a new wave of outages that, on December 5, 2025, is affecting several components of the platform. In addition to the Dashboard and...

Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks
Redazione RHC - December 4th, 2025
Chinese cyber spies have been lurking in the networks of critical organizations for years, infecting infrastructure with sophisticated malware and stealing data, government agencies and private experts warn. According to...

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387
Redazione RHC - December 4th, 2025
Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on...

Apache HTTP Server Update Fixes Critical Security Vulnerabilities
Redazione RHC - December 4th, 2025
The Apache Software Foundation has released a significant update for its popular Apache HTTP Server , addressing a total of five separate security vulnerabilities. Administrators are recommended to apply this...

Cyber Insurance: Why Basic Hygiene Matters
Redazione RHC - December 4th, 2025
Cyber insurance has become a topic of discussion on management committees. It's no longer an add-on, but rather an essential consideration in corporate risk management. Yet many companies rely on...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

