Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Crowdstrike 320×100
Banner Desktop

Red Hot Cyber. The Cybersecurity Blog

Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Previous Next

Ultime news

Critical RCE Vulnerability in D-Link DSL Routers – Update Now Cybercrime

Critical RCE Vulnerability in D-Link DSL Routers – Update Now

A critical remote code execution (RCE) flaw in older D-Link DSL routers has been identified as CVE-2026-0625, with a CVSS...
Redazione RHC - 7 January 2026
Critical n8n Vulnerability: Update Now to Prevent RCE Attacks Vulnerability

Critical n8n Vulnerability: Update Now to Prevent RCE Attacks

n8n, the “fair-code” workflow automation platform beloved by engineering teams for its combination of low-code speed and programming flexibility, has...
Redazione RHC - 7 January 2026
Ledger Data Breach: Global-e Hack Exposes Customer Info Cybercrime

Ledger Data Breach: Global-e Hack Exposes Customer Info

Hackers have infiltrated Global-e's systems, and some Ledger customers are now at risk of receiving highly convincing scam emails. Ledger...
Redazione RHC - 7 January 2026
LED Data Transmission System for Smart Traffic innovation

LED Data Transmission System for Smart Traffic

Researchers at Tokyo Polytechnic University have presented a simple and cost-effective wireless data transmission system using LEDs. The project boasts...
Redazione RHC - 7 January 2026
Microsoft Shifts to Rust: AI-Driven Code Transformation by 2030 Cybercrime

Microsoft Shifts to Rust: AI-Driven Code Transformation by 2030

Microsoft has launched one of the most ambitious code transformation programs ever announced in the software industry: the stated goal...
Redazione RHC - 7 January 2026
Microsoft’s AI Future: Models to Systems with Satya Nadella Cybercrime

Microsoft’s AI Future: Models to Systems with Satya Nadella

With 2026 just around the corner, Microsoft CEO Satya Nadella shared a thoughtful reflection on the state of the AI...
Redazione RHC - 6 January 2026
« Precedente   Successivo »

Uzbekistan License Plate Surveillance System Exposed Online

- December 27th, 2025

Cybersecurity specialist Anurag Sen discovered that Uzbekistan's license plate recognition system database was freely accessible online: anyone could access all the information . It is unclear how long the system...
Share on Facebook Share on LinkedIn Share on X

Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests

- December 27th, 2025

Interpol conducted Operation Sentinel, an international operation that resulted in the arrest of 574 people and the recovery of $3 million stolen through BEC attacks, fraud, and extortion. The operation...
Share on Facebook Share on LinkedIn Share on X

Villager Framework: AI-Powered Penetration Testing Tool

- December 26th, 2025

Straiker's AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike . The tool, presented as a red team solution ,...
Share on Facebook Share on LinkedIn Share on X

TIME’s Machine of the Year: How Personal Computer Changed Society

- December 26th, 2025

TIME magazine's selection of a "Person of the Year" is a tradition dating back to 1927, when the award was given to Charles Lindbergh after his historic solo crossing of...
Share on Facebook Share on LinkedIn Share on X

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution

- December 26th, 2025

An in-depth security analysis of Livewire , an essential framework for developing dynamic interfaces in Laravel, has revealed a significant vulnerability. Synacktiv security experts have identified a critical flaw and...
Share on Facebook Share on LinkedIn Share on X

Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security

- December 25th, 2025

Over the years, Microsoft has strived to keep BitLocker's performance impact within reasonable limits, historically below double digits. The goal has always been to ensure data protection without significantly impacting...
Share on Facebook Share on LinkedIn Share on X

DriverFixer0428: macOS Credential Stealer Linked to North Korea

- December 25th, 2025

A thorough static and dynamic analysis has led to the identification of a macOS malware called DriverFixer0428 , classified as a credential stealer and attributed with a medium-high confidence level...
Share on Facebook Share on LinkedIn Share on X

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

- December 25th, 2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes "NtKiller,"...
Share on Facebook Share on LinkedIn Share on X

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

- December 24th, 2025

There's a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written...
Share on Facebook Share on LinkedIn Share on X

Nezha Malware: Abusing Legitimate Tools for Remote Access

- December 24th, 2025

There comes a moment, often too late, when you realize the problem didn't come from forcing the door, but from using the house keys. This is what happens when a...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…

Immagine del sitoCybercrime
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
Redazione RHC - 22/01/2026

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middle East, and Central America.…

Immagine del sitoCybercrime
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Redazione RHC - 22/01/2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the malicious actor has now expanded…

Immagine del sitoCybercrime
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Redazione RHC - 22/01/2026

Attackers are exploiting a previously patched critical FortiGate authentication flaw (CVE-2025-59718) through a patch bypass method to breach protected firewalls, as Fortinet customers are experiencing. Fortinet reportedly plans to soon release FortiOS versions 7.4.11, 7.6.6,…

Immagine del sitoCybercrime
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Redazione RHC - 22/01/2026

A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate patching, and its Product Security Incident Response…