Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-How a simple Visual Studio Code file can become a backdoor for state-run hackers-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-How a simple Visual Studio Code file can become a backdoor for state-run hackers
LECS 320x100 1
970x120 Olympous

Red Hot Cyber. The Cybersecurity Blog

    149 Million Accounts Exposed: The Database No One Should Have Seen
    Massimiliano Brolli | Cybercrime | 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremia...

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
    Agostino Pellegrino | Vulnerability | 22/01/2026

    A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate p...

    Precedente Successivo

    Ultime news

    1X NEO Robot Unveils World Model for Advanced Learning Cyber News

    1X NEO Robot Unveils World Model for Advanced Learning

    1X has released a major update for its NEO humanoid robot , not promising much but introducing a significant change...
    Redazione RHC - 13 January 2026
    Cybercrime Meets Real-Life Violence: Foxtrot Network’s Dark Side Cyber News

    Cybercrime Meets Real-Life Violence: Foxtrot Network’s Dark Side

    In recent months, there has been increasing talk of a paradigm shift in cybercrime . What for years was perceived...
    Redazione RHC - 13 January 2026
    EDRStartupHinder: Bypassing Windows EDR Security with BindLink Cyber News

    EDRStartupHinder: Bypassing Windows EDR Security with BindLink

    Sometimes, to disable Windows protection , you don't need to attack the antivirus directly. Simply preventing it from starting properly...
    Redazione RHC - 13 January 2026
    Burnout in Cybersecurity: The Hidden Risk to Your Organization Culture

    Burnout in Cybersecurity: The Hidden Risk to Your Organization

    In the world of cybersecurity, we often talk about attacks, vulnerabilities, and incidents. Less is said about a silent variable...
    Paloma Donadi - 13 January 2026
    APT28 Phishing Campaign: Credential Harvesting Tactics Cybercrime

    APT28 Phishing Campaign: Credential Harvesting Tactics

    The threat actor APT28 , classified as an Advanced Persistent Threat, active since at least 2004, identified by the alias...
    Lorenzo Nardi - 13 January 2026
    Iran Cyber Crisis: Connettività Compromised Cybercrime

    Iran Cyber Crisis: Connettività Compromised

    Sometimes important things don't arrive at a press conference. They arrive like a graph that stops breathing: the connectivity line...
    Roberto Villani - 13 January 2026
    « Precedente   Successivo »

    PentestAgent: Revolutionizing Penetration Testing with AI-Powered Tools

    PentestAgent is another new open source project developed by the GH05TCREW group that aims to support penetration testing activities through the use of agents based on language models. The tool...

    - January 5th, 2026

    Share on Facebook Share on LinkedIn Share on X

    US Treasury Removes Sanctions on Intellexa Spyware Developers

    The U.S. Treasury Department unexpectedly removed from its sanctions list three individuals previously accused of ties to Intellexa , the developer of the Predator spyware . The decision was made...

    - January 5th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Rue Language: Revolutionizing System Programming with AI

    Veteran software developer Steve Klabnik, who helped create Rust and Ruby on Rails, has started work on a new programming language called Rue . The name may seem ambiguous— it...

    - January 5th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Password Security: The Impact of Human Behavior on Password Strength

    Password security and human behavior are more connected than we think. In previous episodes, we tried to shift our focus: passwords don't just protect systems, they tell stories about people....

    - January 4th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Potential Data Breach at Pickett USA Exposes Critical Energy Infrastructure

    An unknown attacker claims to have hacked Pickett and Associates (Pickett USA), a Florida-based engineering firm, and is now selling a large amount of engineering data related to projects managed...

    - January 4th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Forensic Timeliner: Advanced Digital Forensics Tool for DFIR Analysis

    Forensic Timeliner is a high-performance forensic processing engine designed to support DFIR (Digital Forensics and Incident Response ) analysts in artifact triage and correlation. The tool allows you to quickly...

    - January 4th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Google Unveils Nano Banana 2 Flash for Rapid Image Generation

    Google is preparing to introduce a new generative AI model for image processing: the Nano Banana 2 Flash . It will be part of its Flash lineup , which focuses...

    - January 4th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Ancient Chinese Silk Loom: The World’s First Computer?

    When you evaluate a computer not just by its outer casing and display, but fundamentally as a machine that accepts directions, performs actions automatically, and delivers results, a contender for...

    - January 3rd, 2026

    Share on Facebook Share on LinkedIn Share on X

    Neuralink’s Brain-Computer Implants to Revolutionize Human Life by 2026

    Neuralink, Elon Musk's brain implant company, is preparing to realize what until recently seemed like science fiction. According to Musk, the company plans to launch "large-scale production" of brain-computer devices...

    - January 3rd, 2026

    Share on Facebook Share on LinkedIn Share on X

    Zero-Day Exploits on the Rise: How to Protect Your Network

    Until recently, zero-day vulnerabilities seemed like exotic artifacts from the world of special operations and espionage . Now they're a common tool for hacking corporate networks, and not just because...

    - January 2nd, 2026

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Redazione RHC - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Massimiliano Brolli - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…