Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
TM RedHotCyber 320x100 042514
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Windows 11 Performance Test: Surprising Results with Windows 8.1
Previous Next

Ultime news

Spotify Web Scraping: Anna’s Archive Scrapes 300TB of Music Library Cybercrime

Spotify Web Scraping: Anna’s Archive Scrapes 300TB of Music Library

Activists and hackers at Anna's Archive have reportedly combed nearly the entire music library of the largest streaming service, Spotify....
Redazione RHC - 23 December 2025
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation Vulnerability

CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation

The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by...
Manuel Roccon - 23 December 2025
Ukrainian Hacker Charged in Major Ransomware Attacks Cybercrime

Ukrainian Hacker Charged in Major Ransomware Attacks

A Ukrainian man implicated in a series of ransomware attacks has been found guilty in the United States. These cybercrimes...
Redazione RHC - 23 December 2025
The Rise of Digital Walls: How National Sovereignty Threatens Global Internet Cybercrime

The Rise of Digital Walls: How National Sovereignty Threatens Global Internet

As we always report on these pages, nations are pushing for the development of domestic software and hardware devices, that...
Redazione RHC - 23 December 2025
Critical MongoDB Vulnerability Exposed: CVE-2025-14847 Cybercrime

Critical MongoDB Vulnerability Exposed: CVE-2025-14847

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security...
Redazione RHC - 23 December 2025
Smart TV Spying: Major Brands Accused of Collecting User Data Cybercrime

Smart TV Spying: Major Brands Accused of Collecting User Data

Texas Attorney General Ken Paxton has charged five major television manufacturers with illegally collecting user data using automatic content recognition...
Redazione RHC - 23 December 2025
« Precedente   Successivo »

SOAP Vulnerability in .NET Framework Allows Remote Code Execution

- December 14th, 2025

Security researchers have discovered a vulnerability in .NET that could affect several enterprise products and lead to remote code execution. The issue stems from the way Microsoft .NET-based applications handle...
Share on Facebook Share on LinkedIn Share on X

CVE-2025-55182 React Server Components Vulnerability Exploited

- December 13th, 2025

A recent report from the Google Threat Intelligence Group (GTIG) illustrates the chaotic results of this information dissemination, highlighting how savvy adversaries have already gained a foothold within targeted networks....
Share on Facebook Share on LinkedIn Share on X

Top 25 Software Vulnerabilities 2025: MITRE CWE Ranking and Security Tips

- December 13th, 2025

MITRE has released its ranking of the 25 most dangerous software vulnerabilities predicted for 2025, based on data collected through the National Vulnerability Database. These vulnerabilities were identified by analyzing...
Share on Facebook Share on LinkedIn Share on X

The Future of Work: 4-Day Week with AI and Tech Advances

- December 13th, 2025

The prospect of a four-day workweek, with a resulting three-day long weekend, may not be far off. This is according to Christopher A. Pissarides , a British-Cypriot economist and Nobel...
Share on Facebook Share on LinkedIn Share on X

ARTEMIS Leads in AI-Powered Pentesting, Outperforming Human Experts

- December 13th, 2025

Stanford researchers and their colleagues conducted an unusual experiment: they compared the performance of ten professional specialists and a set of autonomous AI agents in a real-world corporate pentest. The...
Share on Facebook Share on LinkedIn Share on X

Apple Patches Critical WebKit Vulnerabilities in iOS Update

- December 13th, 2025

Following the discovery of two critical zero-day vulnerabilities in the WebKit browser engine, Apple has urgently released security updates for iPhone and iPad users. Both vulnerabilities reside in WebKit ,...
Share on Facebook Share on LinkedIn Share on X

Kali Linux 2025.4: Discover the Power of Wayland and Enhanced Security Tools

- December 12th, 2025

The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland...
Share on Facebook Share on LinkedIn Share on X

French Interior Ministry Hit by Cyberattack, Data Security at Risk

- December 12th, 2025

The French Ministry of the Interior's email servers were targeted by a cyberattack. The hacker managed to access "several files," but no "serious compromise" has been detected so far. The...
Share on Facebook Share on LinkedIn Share on X

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

- December 12th, 2025

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym "Frenshyny,"...
Share on Facebook Share on LinkedIn Share on X

Amnesty International Launches .onion Site for Secure Access to Human Rights Info

- December 12th, 2025

Amnesty International has launched its own website, accessible via the .onion domain on the Tor network, offering a new secure channel for accessing the organization's information and research. The initiative,...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sitoCybercrime
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sitoCybercrime
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…

Immagine del sitoCybercrime
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Redazione RHC - 08/01/2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a CVSS score of 10, has…