Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
LECS 320x100 1
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Previous Next

Ultime news

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk Cybercrime

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that...
Redazione RHC - 30 December 2025
Browser-in-the-Browser Phishing Attack: How to Protect Yourself Cybercrime

Browser-in-the-Browser Phishing Attack: How to Protect Yourself

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those...
Manuel Roccon - 29 December 2025
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution Cybercrime

Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple's WebKit engine. This security flaw,...
Redazione RHC - 29 December 2025
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322 Cybercrime

Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

When it comes to cybersecurity, it's easy to fall into the trap of thinking that problems are always far away,...
Redazione RHC - 29 December 2025
TurboDiffusion: AI Video Generation Accelerated Up to 200 Times Cybercrime

TurboDiffusion: AI Video Generation Accelerated Up to 200 Times

Automatic video generation using artificial intelligence took a significant leap on December 25, 2025, when Tsinghua University announced the open...
Redazione RHC - 29 December 2025
OpenAI to Introduce ChatGPT Ads, Revolutionizing AI-Powered Marketing Cybercrime

OpenAI to Introduce ChatGPT Ads, Revolutionizing AI-Powered Marketing

OpenAI is once again discussing the possibility of introducing advertising into ChatGPT , this time in the form of so-called...
Redazione RHC - 29 December 2025
« Precedente   Successivo »

The Future of Work: 4-Day Week with AI and Tech Advances

- December 13th, 2025

The prospect of a four-day workweek, with a resulting three-day long weekend, may not be far off. This is according to Christopher A. Pissarides , a British-Cypriot economist and Nobel...
Share on Facebook Share on LinkedIn Share on X

ARTEMIS Leads in AI-Powered Pentesting, Outperforming Human Experts

- December 13th, 2025

Stanford researchers and their colleagues conducted an unusual experiment: they compared the performance of ten professional specialists and a set of autonomous AI agents in a real-world corporate pentest. The...
Share on Facebook Share on LinkedIn Share on X

Apple Patches Critical WebKit Vulnerabilities in iOS Update

- December 13th, 2025

Following the discovery of two critical zero-day vulnerabilities in the WebKit browser engine, Apple has urgently released security updates for iPhone and iPad users. Both vulnerabilities reside in WebKit ,...
Share on Facebook Share on LinkedIn Share on X

Kali Linux 2025.4: Discover the Power of Wayland and Enhanced Security Tools

- December 12th, 2025

The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland...
Share on Facebook Share on LinkedIn Share on X

French Interior Ministry Hit by Cyberattack, Data Security at Risk

- December 12th, 2025

The French Ministry of the Interior's email servers were targeted by a cyberattack. The hacker managed to access "several files," but no "serious compromise" has been detected so far. The...
Share on Facebook Share on LinkedIn Share on X

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

- December 12th, 2025

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym "Frenshyny,"...
Share on Facebook Share on LinkedIn Share on X

Amnesty International Launches .onion Site for Secure Access to Human Rights Info

- December 12th, 2025

Amnesty International has launched its own website, accessible via the .onion domain on the Tor network, offering a new secure channel for accessing the organization's information and research. The initiative,...
Share on Facebook Share on LinkedIn Share on X

NANOREMOTE Trojan Uses Google Drive for Command and Control

- December 12th, 2025

A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the threat harder to detect and giving attackers a persistent channel...
Share on Facebook Share on LinkedIn Share on X

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

- December 12th, 2025

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows Microsoft accounts to be hijacked without a password or multi-factor...
Share on Facebook Share on LinkedIn Share on X

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

- December 12th, 2025

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was jointly announced by several leading companies in the field of...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoinnovation
NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
Redazione RHC - 23/01/2026

The question has been circulating for over ten years: can a smartphone really replace a computer? Over time, the industry has repeatedly attempted to provide a concrete answer, without ever reaching a definitive solution. From…

Immagine del sitoCybercrime
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Redazione RHC - 23/01/2026

The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report by Picus Security details the group’s…

Immagine del sitoCybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
Redazione RHC - 23/01/2026

A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The study’s results were published by…

Immagine del sitoCybercrime
MacSync: The macOS malware that empties your wallet… after weeks
Redazione RHC - 23/01/2026

A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed using the ” malware-as-a-service ”…

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…