Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Crowdstrike 320×100
Banner Ancharia Desktop 1 1

Red Hot Cyber. The Cybersecurity Blog

Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
Previous Next

Ultime news

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts Cybercrime

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows...
Redazione RHC - 12 December 2025
Linux Foundation Launches Agentic AI Foundation with Key Tech Players Cybercrime

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was...
Redazione RHC - 12 December 2025
Disney Invests $1 Billion in OpenAI for Sora Video Deal Cybercrime

Disney Invests $1 Billion in OpenAI for Sora Video Deal

Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The...
Redazione RHC - 12 December 2025
Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat Cybercrime

Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single...
Redazione RHC - 12 December 2025
React Server Components Vulnerability: Update to Prevent DoS Attacks Cybercrime

React Server Components Vulnerability: Update to Prevent DoS Attacks

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability...
Redazione RHC - 12 December 2025
Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now Cybercrime

Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute...
Redazione RHC - 12 December 2025
« Precedente   Successivo »

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

- December 5th, 2025

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on...
Share on Facebook Share on LinkedIn Share on X

Apache HTTP Server Update Fixes Critical Security Vulnerabilities

- December 5th, 2025

The Apache Software Foundation has released a significant update for its popular Apache HTTP Server , addressing a total of five separate security vulnerabilities. Administrators are recommended to apply this...
Share on Facebook Share on LinkedIn Share on X

Cyber Insurance: Why Basic Hygiene Matters

- December 5th, 2025

Cyber insurance has become a topic of discussion on management committees. It's no longer an add-on, but rather an essential consideration in corporate risk management. Yet many companies rely on...
Share on Facebook Share on LinkedIn Share on X

Meta AI WhatsApp Investigation

- December 5th, 2025

Nine months after its implementation in Europe, Meta’s conversational artificial intelligence (AI) tool, integrated directly into WhatsApp, will be investigated by the European Commission . Two officials from the Brussels...
Share on Facebook Share on LinkedIn Share on X

Gulf States’ Digital Transformation: A New Era of Innovation and Security

- December 5th, 2025

It is a time of great geopolitical changes in the Gulf. It has been evident for some time that the dynamics between the major Middle Eastern players are indeed undergoing...
Share on Facebook Share on LinkedIn Share on X

Neurodivergence in Cybersecurity: A Hidden Competitive Advantage

- December 5th, 2025

Personal growth manuals sell hyperfocus as the secret to success. Routines as the key to productivity. Stepping out of your comfort zone as a universal panacea. But Jeff Bezos (...
Share on Facebook Share on LinkedIn Share on X

Leroy Merlin Cyberattack Exposes Personal Data of French Customers

- December 4th, 2025

A cyberattack has affected Leroy Merlin, involving the personal data of numerous customers in France, impacting hundreds of thousands of individuals. Leroy Merlin assures that "additional security measures have been...
Share on Facebook Share on LinkedIn Share on X

Anonymity for Sale: Russian SIM Card Market Thrives Amid Regulations

- December 4th, 2025

Efforts by legislators and law enforcement to combat money laundering and more complex SIM card verification procedures have not significantly weakened the position of anonymous number dealers. This conclusion emerges...
Share on Facebook Share on LinkedIn Share on X

Hackers Compromise 120k IP Cameras for Pornographic Videos

- December 4th, 2025

South Korean police have reported the arrest of four individuals who, presumably independently, compromised over 120,000 IP cameras. According to investigators, at least two of them did so to steal...
Share on Facebook Share on LinkedIn Share on X

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

- December 4th, 2025

Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November's Patch Tuesday, despite the company having...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Redazione RHC - 27/12/2025

The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks, criminals are increasingly relying on internal sources— people willing to provide access to company systems…

Immagine del sitoCybercrime
Villager Framework: AI-Powered Penetration Testing Tool
Redazione RHC - 26/12/2025

Straiker’s AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike . The tool, presented as a red team solution , is designed to fully automate…

Immagine del sitoCybercrime
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Redazione RHC - 25/12/2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes “NtKiller,” a supposed “kernel-level” utility designed…

Immagine del sitoCybercrime
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written enough to seem real. This…

Immagine del sitoCybercrime
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…