Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
UtiliaCS 320x100
Fortinet 970x120px

Red Hot Cyber. The Cybersecurity Blog

Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
Previous Next

Ultime news

Protecting Loved Ones from Scams and Financial Abuse Cybercrime

Protecting Loved Ones from Scams and Financial Abuse

Hi guys,My name is Giorgio , I'm 58 years old, I've always worked as an administrative technician, and in life,...
Redazione RHC - 15 December 2025
Critical Windows Vulnerability CVE-2025-59230 Exposed Cybercrime

Critical Windows Vulnerability CVE-2025-59230 Exposed

Windows services dedicated to remote connections have always been an inexhaustible source of "satisfaction" for those involved in cybersecurity, revealing...
Redazione RHC - 15 December 2025
Women in Cybersecurity: Breaking Down Barriers and Stereotypes Cybercrime

Women in Cybersecurity: Breaking Down Barriers and Stereotypes

The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on...
Ada Spinelli - 15 December 2025
Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks Cybercrime

Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks

A well-known initial access broker (IAB) called " Storm-0249 " has changed its operational strategies, using phishing campaigns as well...
Redazione RHC - 15 December 2025
VS Code Extensions Infected with Sophisticated Malware via Typosquatting Cybercrime

VS Code Extensions Infected with Sophisticated Malware via Typosquatting

A sophisticated malware campaign has been detected within the Visual Studio Code (VS Code) marketplace. Researchers at ReversingLabs (RL) have...
Redazione RHC - 15 December 2025
NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities Cybercrime

NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities

NVIDIA has released a significant security update for its Merlin framework, addressing several high-severity vulnerabilities. These vulnerabilities could allow attackers...
Redazione RHC - 15 December 2025
« Precedente   Successivo »

Passwordless Authentication: The Future of Secure Online Access

- December 9th, 2025

Using passwords to access online accounts is no longer as secure as it once was. In fact, passwords are now one of the most common vulnerabilities used by cybercriminals to...
Share on Facebook Share on LinkedIn Share on X

Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines

- December 9th, 2025

A critical vulnerability, identified as "PromptPwnd," affects AI agents that are integrated into the GitLab CI/CD and GitHub Actions pipelines. Through this vulnerability, attackers are able to inject malicious commands...
Share on Facebook Share on LinkedIn Share on X

LLM-Powered Malware: The Future of Autonomous Cyber Threats

- December 9th, 2025

Researchers at Netskope Threat Labs have just published a new analysis on the possibility of creating autonomous malware built exclusively from Large Language Models (LLMs), eliminating the need to encode...
Share on Facebook Share on LinkedIn Share on X

Intellexa Exploits Zero-Day Vulnerabilities with Spyware

- December 8th, 2025

Despite significant geopolitical challenges, the mercenary spyware industry remains a resilient and persistent threat; in this context, the well-known vendor Intellexa continues to expand its arsenal. A recent report from...
Share on Facebook Share on LinkedIn Share on X

Malaysia Cracks Down on Bitcoin Mining Thefts

- December 8th, 2025

Thieves usually target tangible assets: cash or non-cash, jewelry, cars. But with cryptocurrencies, things are much stranger. Malaysian police are hunting down around 14,000 illegal Bitcoin mining companies that have...
Share on Facebook Share on LinkedIn Share on X

Australia Bans Social Media for Under 16s: What You Need to Know

- December 8th, 2025

Australia is soon to introduce groundbreaking legislation banning social media access for children under 16, an initiative that will set a precedent worldwide. A similar measure will soon be adopted...
Share on Facebook Share on LinkedIn Share on X

Palo Alto Networks VPN Vulnerability Exploited by Hackers

- December 8th, 2025

An increasingly aggressive campaign, directly targeting remote access infrastructure, has prompted threat actors to actively attempt to exploit vulnerabilities in Palo Alto Networks' GlobalProtect VPN portals . On December 5,...
Share on Facebook Share on LinkedIn Share on X

US Brothers Accused of Destroying 96 Databases with AI

- December 8th, 2025

The U.S. Department of Justice has accused twin brothers Muneeb and Sohaib Akhter of deleting 96 databases containing sensitive information, including investigative records and documents requested under the Freedom of...
Share on Facebook Share on LinkedIn Share on X

US Seizes Phishing Site Used by Myanmar Scammers to Steal Millions

- December 8th, 2025

The U.S. Department of Justice has announced the shutdown of a phishing website used by scammers in Myanmar to steal thousands of dollars from victims. According to the department, the...
Share on Facebook Share on LinkedIn Share on X

Digital Literacy in Schools: The Key to Unlocking Students’ Potential

- December 8th, 2025

According to Eurostat, in 2023 only 55% of European Union citizens aged 16 to 74 had at least basic digital skills, with strong differences between countries: values ​​ranging from around...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sitoCybercrime
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…

Immagine del sitoCybercrime
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Redazione RHC - 27/12/2025

The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks, criminals are increasingly relying on internal sources— people willing to provide access to company systems…