Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Redhotcyber Banner Sito 320x100px Uscita 101125
Cyber Offensive Fundamentals 970x120 V0.1

Red Hot Cyber. The Cybersecurity Blog

Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks
Your paycheck is zero! Congratulations, someone answered the phone wrong
Two Ukrainians Suspected in Black Basta Ransomware Attacks
Gootloader Malware Returns with Enhanced Evasion Techniques
VoidLink Malware: Advanced Linux Framework Targets Cloud Infrastructures
Microsoft Copilot Vulnerability Exposes User Data to Hackers
Previous Next

Ultime news

Uzbekistan License Plate Surveillance System Exposed Online Cybercrime

Uzbekistan License Plate Surveillance System Exposed Online

Cybersecurity specialist Anurag Sen discovered that Uzbekistan's license plate recognition system database was freely accessible online: anyone could access all...
Redazione RHC - 27 December 2025
Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests Cybercrime

Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests

Interpol conducted Operation Sentinel, an international operation that resulted in the arrest of 574 people and the recovery of $3...
Redazione RHC - 27 December 2025
Villager Framework: AI-Powered Penetration Testing Tool Cybercrime

Villager Framework: AI-Powered Penetration Testing Tool

Straiker's AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike...
Redazione RHC - 26 December 2025
TIME’s Machine of the Year: How Personal Computer Changed Society Culture

TIME’s Machine of the Year: How Personal Computer Changed Society

TIME magazine's selection of a "Person of the Year" is a tradition dating back to 1927, when the award was...
Redazione RHC - 26 December 2025
Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution Cybercrime

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution

An in-depth security analysis of Livewire , an essential framework for developing dynamic interfaces in Laravel, has revealed a significant...
Redazione RHC - 26 December 2025
Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security Cybercrime

Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security

Over the years, Microsoft has strived to keep BitLocker's performance impact within reasonable limits, historically below double digits. The goal...
Redazione RHC - 25 December 2025
« Precedente   Successivo »

French Interior Ministry Hit by Cyberattack, Data Security at Risk

- December 12th, 2025

The French Ministry of the Interior's email servers were targeted by a cyberattack. The hacker managed to access "several files," but no "serious compromise" has been detected so far. The...
Share on Facebook Share on LinkedIn Share on X

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

- December 12th, 2025

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym "Frenshyny,"...
Share on Facebook Share on LinkedIn Share on X

Amnesty International Launches .onion Site for Secure Access to Human Rights Info

- December 12th, 2025

Amnesty International has launched its own website, accessible via the .onion domain on the Tor network, offering a new secure channel for accessing the organization's information and research. The initiative,...
Share on Facebook Share on LinkedIn Share on X

NANOREMOTE Trojan Uses Google Drive for Command and Control

- December 12th, 2025

A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the threat harder to detect and giving attackers a persistent channel...
Share on Facebook Share on LinkedIn Share on X

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

- December 12th, 2025

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows Microsoft accounts to be hijacked without a password or multi-factor...
Share on Facebook Share on LinkedIn Share on X

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

- December 12th, 2025

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was jointly announced by several leading companies in the field of...
Share on Facebook Share on LinkedIn Share on X

Disney Invests $1 Billion in OpenAI for Sora Video Deal

- December 12th, 2025

Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The deal comes amid a heated debate in Hollywood over how...
Share on Facebook Share on LinkedIn Share on X

Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat

- December 12th, 2025

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated techniques to bypass...
Share on Facebook Share on LinkedIn Share on X

React Server Components Vulnerability: Update to Prevent DoS Attacks

- December 12th, 2025

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two new vulnerabilities....
Share on Facebook Share on LinkedIn Share on X

Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

- December 12th, 2025

An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute malicious code on affected systems. This security flaw, designated CVE-2025-54100,...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
Redazione RHC - 21/01/2026

Yesterday, the Everest cybercriminal gang claimed responsibility for a cyberattack on McDonald’s on their Data Leak Site (DLS) . From the gang’s post, the cybercriminals claim to have 861GB of data exfiltrated from the company’s…

Immagine del sitoCybercrime
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Redazione RHC - 20/01/2026

A group of attackers is using a zero-day exploit toolkit to compromise VMware ESXi instances in an uncontrolled manner, taking advantage of multiple vulnerabilities to bypass virtual machine restrictions. The current incident highlights the ongoing…

Immagine del sitoCybercrime
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Redazione RHC - 19/01/2026

Researchers from the Cybersecurity and Industrial Cryptography team at KU Leuven have discovered a critical flaw in the Google Fast Pair protocol. The vulnerability allows attackers to hijack control of millions of Bluetooth devices, track…

Immagine del sitoCybercrime
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Redazione RHC - 19/01/2026

Elon Musk has filed a staggering $134 billion in damages in a malicious lawsuit against OpenAI and Microsoft. According to Bloomberg , the latest lawsuit accuses OpenAI of betraying its core mission as a nonprofit…

Immagine del sitoCulture
Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks
Redazione RHC - 18/01/2026

Mandiant has released a large set of rainbow tables dedicated to Net-NTLMv1 with the aim of concretely demonstrating how insecure this authentication protocol has become. Although Net-NTLMv1 has been deprecated for years and its weaknesses…