Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Crowdstrike 320×100
HackTheBox 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Previous Next

Ultime news

Google Unveils Gemini 3 Flash AI Model, Rivals OpenAI GPT-5.2 innovation

Google Unveils Gemini 3 Flash AI Model, Rivals OpenAI GPT-5.2

The battle for AI leadership is increasingly moving from the lab to mass production. The day after the release of...
Redazione RHC - 18 December 2025
Rise of AI Degrees: Students Shift from Computer Science to AI Cybercrime

Rise of AI Degrees: Students Shift from Computer Science to AI

A marked shift in college student preferences is taking place in the United States. More and more young people are...
Redazione RHC - 18 December 2025
SonicWall SMA1000 Vulnerability: Critical Security Patch Released Cybercrime

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

Researchers have discovered a vulnerability, identified as CVE-2025-40602, affecting SonicWall's SMA1000 series of secure access gateways. This flaw is particularly...
Redazione RHC - 18 December 2025
HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required Cybercrime

HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required

Cybersecurity is a serious issue, especially when it comes to vulnerabilities that can compromise an entire system. Well, Hewlett Packard...
Redazione RHC - 18 December 2025
CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices Cybercrime

CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert including three new vulnerabilities in its catalog of...
Redazione RHC - 18 December 2025
Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack Cybercrime

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

A security flaw has been discovered in Microsoft's Windows Admin Center (WAC) . Essentially, a permissions error could allow any...
Redazione RHC - 18 December 2025
« Precedente   Successivo »

NANOREMOTE Trojan Uses Google Drive for Command and Control

- December 12th, 2025

A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the threat harder to detect and giving attackers a persistent channel...
Share on Facebook Share on LinkedIn Share on X

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

- December 12th, 2025

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows Microsoft accounts to be hijacked without a password or multi-factor...
Share on Facebook Share on LinkedIn Share on X

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

- December 12th, 2025

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was jointly announced by several leading companies in the field of...
Share on Facebook Share on LinkedIn Share on X

Disney Invests $1 Billion in OpenAI for Sora Video Deal

- December 12th, 2025

Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The deal comes amid a heated debate in Hollywood over how...
Share on Facebook Share on LinkedIn Share on X

Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat

- December 12th, 2025

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated techniques to bypass...
Share on Facebook Share on LinkedIn Share on X

React Server Components Vulnerability: Update to Prevent DoS Attacks

- December 12th, 2025

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two new vulnerabilities....
Share on Facebook Share on LinkedIn Share on X

Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

- December 12th, 2025

An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute malicious code on affected systems. This security flaw, designated CVE-2025-54100,...
Share on Facebook Share on LinkedIn Share on X

Telegram Losing Ground to Crackdown on Cybercrime Activities

- December 12th, 2025

Telegram, which over the course of its history has become one of the most popular messaging apps in the world, is gradually losing its status as a convenient platform for...
Share on Facebook Share on LinkedIn Share on X

Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware

- December 11th, 2025

Notepad++ is often targeted by attackers because the software is popular and widely used. A recently discovered vulnerability in the open-source text and code editor Notepad++ could allow attackers to...
Share on Facebook Share on LinkedIn Share on X

NetSupport RAT Malware Campaign Uncovered: Expert Analysis

- December 11th, 2025

Securonix specialists have discovered a multi-layered malware campaign aimed at secretly installing the NetSupport RAT remote access tool . The attack involves a series of carefully hidden stages, each designed...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Redazione RHC - 30/12/2025

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that may have exposed sensitive information related to a production line. The incident was reported by…

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sitoCybercrime
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…