Contact
Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Home
LECS 970x120 1
    Supply Chain Attack: How Notepad++ Was Compromised via CVE-2025-15556
    Manuel Roccon | Cybercrime | 04/02/2026

    In cybersecurity, we often focus on finding complex bugs in source code, ignoring the fact that end-user trust is built on a much simpler foundation: a download link. The Notepad++ incident, now class...

    Microsoft Office under attack: the bug needs to be patched to prevent Russian espionage.
    Bajram Zeqiri | Cyber News | 03/02/2026

    In recent days, APT28 , a well-known Russian-linked hacker group, has intensified its attacks by exploiting a vulnerability in Microsoft Office. The flaw, classified as CVE-2026-21509, was disclosed b...

    Goodbye to NTLM! Microsoft is moving towards a new era of authentication with Kerberos
    Silvia Felici | Cyber News | 01/02/2026

    For over three decades, it has been a silent pillar of the Windows ecosystem. Now, however, NTLM ‘s time seems definitively over. Microsoft has decided to initiate a profound transition that marks the...

    The world’s first humanoid robot store has opened in China. Will we be ready?
    Carolina Vivianti | innovation | 30/01/2026

    At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

    Douglas Engelbart was born today: the man who saw and invented the digital future.
    Massimiliano Brolli | Culture | 30/01/2026

    Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

    WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).
    Silvia Felici | Cyber News | 29/01/2026

    WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

    Beware of “I am not a robot”: the malware trap that uses Google Calendar.
    Bajram Zeqiri | Cybercrime | 29/01/2026

    A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

    A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!
    Bajram Zeqiri | Cybercrime | 28/01/2026

    The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    Precedente Successivo

    Latest news

    Apache Struts 2 Vulnerability CVE-2025-68493 Exposes Sensitive Data Cyber News

    Apache Struts 2 Vulnerability CVE-2025-68493 Exposes Sensitive Data

    A new flaw has emerged in the foundation of one of the most popular Java frameworks on the web. Cybersecurity...
    Agostino Pellegrino - January 12, 2026
    Uncovering Dark AI: The Truth Behind Crime-as-a-Service Chatbots Cyber News

    Uncovering Dark AI: The Truth Behind Crime-as-a-Service Chatbots

    In recent months, the cybersecurity landscape has been awash with media hype surrounding new AI Dark Chatbots promoted as "Crime-as-a-Service"...
    Bajram Zeqiri - January 12, 2026
    AI-Generated Mac Malware: SimpleStealth Threatens User Security Cyber News

    AI-Generated Mac Malware: SimpleStealth Threatens User Security

    A group of industry specialists has identified for the first time a macOS malware whose code clearly shows signs of...
    Massimiliano Brolli - January 11, 2026
    The Future of Tech: Sovereignty, Security, and Cloud Control Cyber News

    The Future of Tech: Sovereignty, Security, and Cloud Control

    In today's world, technology is no longer a mere tool for efficiency or convenience, but a primary geopolitical lever ....
    Silvia Felici - January 11, 2026
    Internet Shutdowns Cost $19.7B in 2025, Sophisticated Censorship Rises Cyber News

    Internet Shutdowns Cost $19.7B in 2025, Sophisticated Censorship Rises

    Imagine a situation where the internet appears to be working, but websites won't open beyond the first screen, messaging apps...
    Redazione RHC - January 11, 2026
    Instagram Data Leak Exposes 17.5 Million Users on Dark Web Cyber News

    Instagram Data Leak Exposes 17.5 Million Users on Dark Web

    A massive digital archive containing the private information of approximately 17.5 million Instagram users appears to have fallen into the...
    Redazione RHC - January 10, 2026
    « Previous   Next »

    CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation

    The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies...

    - December 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Ukrainian Hacker Charged in Major Ransomware Attacks

    A Ukrainian man implicated in a series of ransomware attacks has been found guilty in the United States. These cybercrimes affected companies in several countries, including the United States, Canada,...

    - December 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    The Rise of Digital Walls: How National Sovereignty Threatens Global Internet

    As we always report on these pages, nations are pushing for the development of domestic software and hardware devices, that is, technologies developed within the nation that are more easily...

    - December 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical MongoDB Vulnerability Exposed: CVE-2025-14847

    A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data...

    - December 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Smart TV Spying: Major Brands Accused of Collecting User Data

    Texas Attorney General Ken Paxton has charged five major television manufacturers with illegally collecting user data using automatic content recognition (ACR) technology to record what owners watch. The charges concern...

    - December 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Phishing Campaigns Exploit File Sharing Services

    Researchers at Check Point, a pioneer and global leader in cybersecurity solutions, have discovered a phishing campaign in which attackers pose as file-sharing and electronic signature services to send financially-themed...

    - December 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    RansomHouse Ransomware Upgraded: Enhanced Encryption Threat

    The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks. According to experts, the cybercriminals have added an updated encryption...

    - December 22nd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025

    According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This refers to scenarios in which, after penetrating a network, attackers...

    - December 22nd, 2025

    Share on Facebook Share on LinkedIn Share on X

    MS13-089 Ransomware: Double Extortion Without Encryption

    MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without encryption. A brand built on an old Microsoft ID For...

    - December 22nd, 2025

    Share on Facebook Share on LinkedIn Share on X

    OAuth Device Code Phishing: New Attack Vector for Account Takeover

    Cybercriminals are getting smarter and have found a new way to exploit corporate security protocols. It seems incredible, but it's true: they're using a legitimate Microsoft authentication feature to steal...

    - December 22nd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE