Red Hot Cyber. The Cybersecurity Blog
Featured Articles

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two ne...

Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vul...

What we wrote in the article ” Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin ” on Red Hot Cyber on July 23rd is now fully consistent with the inf...

Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities . In a recent advisory, the company emphasizes that such tools pose un...
Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks
Critical React Server Vulnerability: Update Now to Prevent RCE Attacks
Critical Vulnerability in King Addons for Elementor Exploited
Google Discover AI Headlines: Revolutionizing News Feed or Clickbait Nightmare?
Storm-0900 Phishing Campaign Spreads XWorm Malware
Windows 10 Still Running on 1 Billion PCs, Upgrade to Windows 11 Urged

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks
Redazione RHC - December 3rd, 2025
Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November's Patch Tuesday, despite the company having...

Critical React Server Vulnerability: Update Now to Prevent RCE Attacks
Redazione RHC - December 3rd, 2025
Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unauthenticated code with...

Critical Vulnerability in King Addons for Elementor Exploited
Redazione RHC - December 3rd, 2025
During the registration process, a critical security flaw (CVE-2025-8489) in the King Addons WordPress Elementor plugin was exploited by attackers, allowing them to gain administrative privileges via a privilege escalation...

Google Discover AI Headlines: Revolutionizing News Feed or Clickbait Nightmare?
Redazione RHC - December 3rd, 2025
Google is testing AI-generated headlines in its Discover feed, replacing original news headlines with original ones. Sean Hollister, editor-in-chief of The Verge, reported this , noting that short and often...

Storm-0900 Phishing Campaign Spreads XWorm Malware
Redazione RHC - December 3rd, 2025
Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group...

Windows 10 Still Running on 1 Billion PCs, Upgrade to Windows 11 Urged
Redazione RHC - December 3rd, 2025
Windows 10 has been officially retired, but it still runs on approximately one billion personal computers worldwide. A significant number of devices are technically ready to upgrade to Windows 11,...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

