Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
TM RedHotCyber 320x100 042514
Cyber Offensive Fundamentals 970x120 V0.1

Red Hot Cyber. The Cybersecurity Blog

NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Previous Next

Ultime news

CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE Cybercrime

CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API...
Redazione RHC - 8 January 2026
Malware PHALT#BLYX Uses Social Engineering and MSBuild to Infect Systems Cybercrime

Malware PHALT#BLYX Uses Social Engineering and MSBuild to Infect Systems

A cancellation message from Booking.com with a high penalty seems like a typical business practice for hotels and apartments. But...
Redazione RHC - 7 January 2026
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool Cybercrime

Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool

A new open-source script allows Windows 11 users to widely disable the operating system's built-in artificial intelligence features . The...
Redazione RHC - 7 January 2026
DevSecOps: Integrating Security into Your Development Process Cybercrime

DevSecOps: Integrating Security into Your Development Process

When it comes to application security, there's rarely a single problem. It's almost always a chain of small flaws, poor...
Massimiliano Brolli - 7 January 2026
Critical RCE Vulnerability in D-Link DSL Routers – Update Now Cybercrime

Critical RCE Vulnerability in D-Link DSL Routers – Update Now

A critical remote code execution (RCE) flaw in older D-Link DSL routers has been identified as CVE-2026-0625, with a CVSS...
Redazione RHC - 7 January 2026
Critical n8n Vulnerability: Update Now to Prevent RCE Attacks Vulnerability

Critical n8n Vulnerability: Update Now to Prevent RCE Attacks

n8n, the “fair-code” workflow automation platform beloved by engineering teams for its combination of low-code speed and programming flexibility, has...
Redazione RHC - 7 January 2026
« Precedente   Successivo »

Uzbekistan License Plate Surveillance System Exposed Online

- December 27th, 2025

Cybersecurity specialist Anurag Sen discovered that Uzbekistan's license plate recognition system database was freely accessible online: anyone could access all the information . It is unclear how long the system...
Share on Facebook Share on LinkedIn Share on X

Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests

- December 27th, 2025

Interpol conducted Operation Sentinel, an international operation that resulted in the arrest of 574 people and the recovery of $3 million stolen through BEC attacks, fraud, and extortion. The operation...
Share on Facebook Share on LinkedIn Share on X

Villager Framework: AI-Powered Penetration Testing Tool

- December 26th, 2025

Straiker's AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike . The tool, presented as a red team solution ,...
Share on Facebook Share on LinkedIn Share on X

TIME’s Machine of the Year: How Personal Computer Changed Society

- December 26th, 2025

TIME magazine's selection of a "Person of the Year" is a tradition dating back to 1927, when the award was given to Charles Lindbergh after his historic solo crossing of...
Share on Facebook Share on LinkedIn Share on X

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution

- December 26th, 2025

An in-depth security analysis of Livewire , an essential framework for developing dynamic interfaces in Laravel, has revealed a significant vulnerability. Synacktiv security experts have identified a critical flaw and...
Share on Facebook Share on LinkedIn Share on X

Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security

- December 25th, 2025

Over the years, Microsoft has strived to keep BitLocker's performance impact within reasonable limits, historically below double digits. The goal has always been to ensure data protection without significantly impacting...
Share on Facebook Share on LinkedIn Share on X

DriverFixer0428: macOS Credential Stealer Linked to North Korea

- December 25th, 2025

A thorough static and dynamic analysis has led to the identification of a macOS malware called DriverFixer0428 , classified as a credential stealer and attributed with a medium-high confidence level...
Share on Facebook Share on LinkedIn Share on X

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

- December 25th, 2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes "NtKiller,"...
Share on Facebook Share on LinkedIn Share on X

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

- December 24th, 2025

There's a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written...
Share on Facebook Share on LinkedIn Share on X

Nezha Malware: Abusing Legitimate Tools for Remote Access

- December 24th, 2025

There comes a moment, often too late, when you realize the problem didn't come from forcing the door, but from using the house keys. This is what happens when a...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoinnovation
NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
Redazione RHC - 23/01/2026

The question has been circulating for over ten years: can a smartphone really replace a computer? Over time, the industry has repeatedly attempted to provide a concrete answer, without ever reaching a definitive solution. From…

Immagine del sitoCybercrime
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Redazione RHC - 23/01/2026

The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report by Picus Security details the group’s…

Immagine del sitoCybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
Redazione RHC - 23/01/2026

A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The study’s results were published by…

Immagine del sitoCybercrime
MacSync: The macOS malware that empties your wallet… after weeks
Redazione RHC - 23/01/2026

A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed using the ” malware-as-a-service ”…

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…