Red Hot Cyber. The Cybersecurity Blog
Featured Articles
A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than 1,300 DDoS ...
A joint investigation by BCA LTD, NorthScan, and ANY.RUN has exposed one of North Korea’s most secretive hacking schemes. Under the guise of routine recruitment, the team monitored how operators fro...
Google has released Chrome 143 for Windows, macOS, and Linux; the release contains an important patch. The new version ( 143.0.7499.40 for Linux and 143.0.7499.40/41 for Windows and macOS) addresses 1...
December isn’t just about Christmas lights: for those working in cybersecurity, it’s the month when the human factor collapses and companies rush to buy solutions just to be “compliant” for th...
In today’s environment, securing a network requires much more than setting a complex password. A cyber attack against a wireless network follows a structured path that evolves from passive monitorin...
Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated
Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8
Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages
Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge
MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.
Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!
Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated
Redazione RHC - November 20th, 2025
An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...
Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8
Redazione RHC - November 20th, 2025
Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS v3.1...
Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages
Redazione RHC - November 20th, 2025
ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted messaging apps (Signal, WhatsApp, Telegram) and gaining full control over...
Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge
Redazione RHC - November 20th, 2025
An employee has pleaded guilty to hacking into his former employer's network and causing nearly $1 million in damages after being fired. According to the indictment, 35-year-old Maxwell Schultz, who...
MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.
Luca Stivali - November 20th, 2025
The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, deliberate leaks, and operational collapses. After years dominated...
Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!
Redazione RHC - November 20th, 2025
A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without authentication....
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE