Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
320x100 Itcentric
UtiliaCS 970x120

Red Hot Cyber. The Cybersecurity Blog

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Windows 11 Performance Test: Surprising Results with Windows 8.1
Previous Next

Ultime news

MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach Cybercrime

MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach

The Cybersecurity and Infrastructure Security Agency (CISA) has officially raised the alarm about a critical vulnerability in MongoDB, adding the...
Redazione RHC - 30 December 2025
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk Cybercrime

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that...
Redazione RHC - 30 December 2025
Browser-in-the-Browser Phishing Attack: How to Protect Yourself Cybercrime

Browser-in-the-Browser Phishing Attack: How to Protect Yourself

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those...
Manuel Roccon - 29 December 2025
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution Cybercrime

Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple's WebKit engine. This security flaw,...
Redazione RHC - 29 December 2025
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322 Cybercrime

Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

When it comes to cybersecurity, it's easy to fall into the trap of thinking that problems are always far away,...
Redazione RHC - 29 December 2025
TurboDiffusion: AI Video Generation Accelerated Up to 200 Times Cybercrime

TurboDiffusion: AI Video Generation Accelerated Up to 200 Times

Automatic video generation using artificial intelligence took a significant leap on December 25, 2025, when Tsinghua University announced the open...
Redazione RHC - 29 December 2025
« Precedente   Successivo »

San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities

- December 22nd, 2025

A massive power outage in San Francisco has disrupted self-driving vehicle traffic. Waymo self-driving vehicles have been spotted on city streets, stopped at intersections with their emergency lights on. The...
Share on Facebook Share on LinkedIn Share on X

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

- December 22nd, 2025

In the past, many users and system administrators have relied on Microsoft's telephone activation service to manage installations in specific contexts. During the Windows 8 era, MAK ( Multiple Activation...
Share on Facebook Share on LinkedIn Share on X

PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks

- December 22nd, 2025

Hackers love to exploit the most innocuous tools to infiltrate their targets' networks, and we all know this. And in this case, they're targeting PuTTY , the popular SSH client....
Share on Facebook Share on LinkedIn Share on X

OAuth Device Code Phishing: New Attack Vector for Account Takeover

- December 22nd, 2025

Cybercriminals are getting smarter and have found a new way to exploit corporate security protocols. It seems incredible, but it's true: they're using a legitimate Microsoft authentication feature to steal...
Share on Facebook Share on LinkedIn Share on X

DIG AI: The Dark Web’s New AI Tool for Cybercrime

- December 21st, 2025

A new AI tool has appeared on the dark web and quickly attracted the attention of security experts, and not for the best of reasons. This is an artificial intelligence...
Share on Facebook Share on LinkedIn Share on X

TikTok Accused of Illegally Tracking Users’ Data Across Apps

- December 21st, 2025

The popular video app TikTok has found itself at the center of a new scandal over violations of European data protection regulations. The service has been found to track users'...
Share on Facebook Share on LinkedIn Share on X

Naftali Bennett Telegram Account Hacked in Israel Politics

- December 21st, 2025

Former Israeli Prime Minister Naftali Bennett has admitted that his Telegram account was hacked, although his device was not compromised. He made the announcement following reports of a hacked iPhone...
Share on Facebook Share on LinkedIn Share on X

Cisco Secure Email Gateway Vulnerability Exploited: Act Now

- December 21st, 2025

A critical zero-day flaw in Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices is causing concern among security researchers. With over 120 vulnerable devices already identified...
Share on Facebook Share on LinkedIn Share on X

Airbus Eyes Sovereign Cloud to Mitigate US Data Risks

- December 21st, 2025

In recent months, a question has been emerging with increasing insistence on European corporate boards: is the US cloud really safe for all companies? Especially for those operating in strategic...
Share on Facebook Share on LinkedIn Share on X

North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector

- December 21st, 2025

In 2025, North Korean hackers stole a record $2 billion in cryptocurrency , 51% more than the previous year. However, the number of attacks has decreased, while the damage has...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sitoCybercrime
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sitoCybercrime
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…

Immagine del sitoCybercrime
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Redazione RHC - 08/01/2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a CVSS score of 10, has…