Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Redhotcyber Banner Sito 320x100px Uscita 101125
Crowdstriker 970×120

Red Hot Cyber. The Cybersecurity Blog

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Windows 11 Performance Test: Surprising Results with Windows 8.1
Previous Next

Ultime news

Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation Cybercrime

Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation

It was only a matter of time. Governments around the world have now put their security systems on high alert....
Redazione RHC - 18 December 2025
Google Discontinues Dark Web Report, Shifts to Active Protection Cybercrime

Google Discontinues Dark Web Report, Shifts to Active Protection

No more useless alerts. No more passive monitoring. Less than two years after its launch, Google has decided to shut...
Luca Galuppi - 17 December 2025
CyberVolk Ransomware Flawed: Free File Recovery Possible Cybercrime

CyberVolk Ransomware Flawed: Free File Recovery Possible

This isn't the first time criminal hackers make mistakes, and it won't be the last. The pro-Russian hacktivist group CyberVolk...
Redazione RHC - 17 December 2025
OSINT Ethics and Legality: Navigating Open Source Intelligence Cybercrime

OSINT Ethics and Legality: Navigating Open Source Intelligence

Open Source Intelligence (OSINT) has emerged in recent years as one of the most fascinating, yet most insidious, disciplines in...
Alexandro Irace - 17 December 2025
The Psychology of Passwords: Why Weak Passwords Persist Cybercrime

The Psychology of Passwords: Why Weak Passwords Persist

The psychology of passwords starts right here: trying to understand people before systems. Welcome to "The Mind Behind Passwords," the...
Simone D'Agostino - 17 December 2025
Russian Cyber Operations Shift to Targeting Western Critical Infrastructure Cybercrime

Russian Cyber Operations Shift to Targeting Western Critical Infrastructure

New details emerge from an Amazon Threat Intelligence report that highlight an alarming shift in Russian government-backed cyber operations. High-level...
Redazione RHC - 17 December 2025
« Precedente   Successivo »

Apache Tika Vulnerability CVE-2025-66516: Critical XXE Attack Risk

- December 6th, 2025

A critical vulnerability has been published in Apache Tika that could allow an XML external entity injection attack, known as XXE . The vulnerability, classified as CVE-2025-66516, has a CVE...
Share on Facebook Share on LinkedIn Share on X

China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

- December 6th, 2025

A spokesperson for the Chinese Embassy in Canada responded to a reporter's question about the outcry in Canada over so-called "Chinese cyber attacks." A reporter asked : Recently, the Canadian...
Share on Facebook Share on LinkedIn Share on X

AI Browser Attack: Google Drive Wiper Threat Exposed

- December 6th, 2025

Researchers at Striker STAR Labs have described a new agent-based browser attack that can turn a regular email into a near-complete wiper of your Google Drive inbox. The attack targets...
Share on Facebook Share on LinkedIn Share on X

NATO Cyber Coalition Exercise: Enhancing Cyber Defense with 1,300 Experts

- December 6th, 2025

NATO held its largest-ever cyber defense exercise, Cyber Coalition, in Estonia, involving approximately 1,300 specialists . The goal was to practice protecting critical infrastructure from large-scale cyber attacks, simulating scenarios...
Share on Facebook Share on LinkedIn Share on X

Microsoft 365 Price Hike: What You Need to Know About the 2026 Increase

- December 6th, 2025

Starting July 1, 2026, Microsoft 365 and Office 365 subscription prices for business and government customers will increase by 8% to 33% , depending on the plan. This price adjustment...
Share on Facebook Share on LinkedIn Share on X

React2Shell Vulnerability Exploited by China-Linked Hackers, Patch Now

- December 6th, 2025

We often discuss on this site that the window between the publication of an exploit and the launch of active attacks is drastically shrinking. For this reason, it's increasingly crucial...
Share on Facebook Share on LinkedIn Share on X

FreeBSD 15.0: Discover the Power of This Unix-like Operating System

- December 6th, 2025

Behind many of the digital applications and services we take for granted every day lies a silent giant: FreeBSD . Known primarily to insiders, this Unix-like operating system has become...
Share on Facebook Share on LinkedIn Share on X

Cloudflare Blocks AI Bots: The Future of Internet Economy at Stake

- December 5th, 2025

Since July 1st, Cloudflare has blocked 416 billion requests from artificial intelligence bots attempting to extract content from its customers' websites. According to Matthew Prince, co-founder and CEO of Cloudflare,...
Share on Facebook Share on LinkedIn Share on X

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182

- December 5th, 2025

In 2025, the IT and security communities are buzzing with excitement over a single name: " React2Shell ." With the disclosure of a new vulnerability, CVE-2025-55182, classified as CVSS 10.0,...
Share on Facebook Share on LinkedIn Share on X

Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed

- December 5th, 2025

Cloudflare is back in the spotlight after a new wave of outages that, on December 5, 2025, is affecting several components of the platform. In addition to the Dashboard and...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sitoCybercrime
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sitoCybercrime
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…

Immagine del sitoCybercrime
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Redazione RHC - 08/01/2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a CVSS score of 10, has…