Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Redhotcyber Banner Sito 320x100px Uscita 101125
Fortinet 970x120px

Red Hot Cyber. The Cybersecurity Blog

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Previous Next

Ultime news

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack Cybercrime

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

A security flaw has been discovered in Microsoft's Windows Admin Center (WAC) . Essentially, a permissions error could allow any...
Redazione RHC - 18 December 2025
Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation Cybercrime

Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation

It was only a matter of time. Governments around the world have now put their security systems on high alert....
Redazione RHC - 18 December 2025
Google Discontinues Dark Web Report, Shifts to Active Protection Cybercrime

Google Discontinues Dark Web Report, Shifts to Active Protection

No more useless alerts. No more passive monitoring. Less than two years after its launch, Google has decided to shut...
Luca Galuppi - 17 December 2025
CyberVolk Ransomware Flawed: Free File Recovery Possible Cybercrime

CyberVolk Ransomware Flawed: Free File Recovery Possible

This isn't the first time criminal hackers make mistakes, and it won't be the last. The pro-Russian hacktivist group CyberVolk...
Redazione RHC - 17 December 2025
OSINT Ethics and Legality: Navigating Open Source Intelligence Cybercrime

OSINT Ethics and Legality: Navigating Open Source Intelligence

Open Source Intelligence (OSINT) has emerged in recent years as one of the most fascinating, yet most insidious, disciplines in...
Alexandro Irace - 17 December 2025
The Psychology of Passwords: Why Weak Passwords Persist Cybercrime

The Psychology of Passwords: Why Weak Passwords Persist

The psychology of passwords starts right here: trying to understand people before systems. Welcome to "The Mind Behind Passwords," the...
Simone D'Agostino - 17 December 2025
« Precedente   Successivo »

NetSupport RAT Malware Campaign Uncovered: Expert Analysis

- December 11th, 2025

Securonix specialists have discovered a multi-layered malware campaign aimed at secretly installing the NetSupport RAT remote access tool . The attack involves a series of carefully hidden stages, each designed...
Share on Facebook Share on LinkedIn Share on X

Digital Stress: How to Achieve Balance in a Hyper-Connected World

- December 11th, 2025

We live in dissociation: we praise work-life balance, yet we find ourselves constantly online, like puppets on invisible strings. The real problem is not technology, but how we, humans, respond...
Share on Facebook Share on LinkedIn Share on X

DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass

- December 11th, 2025

Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vulnerable...
Share on Facebook Share on LinkedIn Share on X

VPN Credentials on the Dark Web: A Growing Cybersecurity Threat

- December 11th, 2025

In the darkest corners of the internet, the trafficking of stolen data and unauthorized access continues to thrive. A recent post on a closed underground forum shows 896 FortiSSL VPN...
Share on Facebook Share on LinkedIn Share on X

Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

- December 11th, 2025

What we wrote in the article " Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin " on Red Hot Cyber on July 23rd...
Share on Facebook Share on LinkedIn Share on X

Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks

- December 11th, 2025

A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious code on vulnerable systems. The vulnerability, tracked under CVE-2025-62562, stems...
Share on Facebook Share on LinkedIn Share on X

Google Chrome Urgent Update Fixes Zero-Day Vulnerability

- December 11th, 2025

An urgent update has been released by Google for the stable version of the Desktop browser, in order to address an extremely serious vulnerability that is currently being exploited. This...
Share on Facebook Share on LinkedIn Share on X

EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2

- December 11th, 2025

Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised Next.js application. The malware uses Ethereum smart contracts for communication...
Share on Facebook Share on LinkedIn Share on X

Is QDay approaching? QuantWare presents its 10,000-qubit quantum processor

- December 10th, 2025

The world of quantum technology has made an impressive leap forward: QuantWare has unveiled the world's first 10,000-qubit processor, 100 times more than any existing device . Furthermore, the new...
Share on Facebook Share on LinkedIn Share on X

Ivanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE

- December 10th, 2025

Ivanti has released an urgent update for its Endpoint Manager (EPM) platform, addressing a set of significant vulnerabilities that could allow attackers to execute code of their choosing or hijack...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Redazione RHC - 30/12/2025

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that may have exposed sensitive information related to a production line. The incident was reported by…

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sitoCybercrime
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…