Red Hot Cyber. The Cybersecurity Blog
Featured Articles

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp’s infrastructure to distribute its Pegasus surveillance software. The case, which has been o...

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed ...

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS ...

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, d...

A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without au...
21 Years of Firefox: A History of Innovation and Independence
Hyundai subsidiary HAEA data breach: Sensitive information at risk
Malware is a ticking time bomb! The threat to Siemens S7 PLCs begins in 2027.
The Illicit Distribution of Intimate Images: A Threat to Women’s Freedom
Vault7 with a Chinese twist: China’s secret global surveillance system exposed
Whisper Leak: The New Side-Channel Attack That Steals Messages with LLMs

21 Years of Firefox: A History of Innovation and Independence
Redazione RHC - November 10th, 2025
November 9th marked the 21st anniversary of Firefox 1.0. In 2004, it was the first stable release of Mozilla's new browser, which quickly positioned itself as a simple and secure...

Hyundai subsidiary HAEA data breach: Sensitive information at risk
Redazione RHC - November 10th, 2025
HAEA, a subsidiary of South Korean Hyundai Motor Group and headquartered in California, USA, provides customized IT solutions and services for the automotive industry, particularly to Hyundai and Kia subsidiaries....

Malware is a ticking time bomb! The threat to Siemens S7 PLCs begins in 2027.
Redazione RHC - November 10th, 2025
Researchers discovered several libraries in the public NuGet registry containing code that will be activated in 2027 and 2028. The infected packages target three popular .NET data storage engines (Microsoft...

The Illicit Distribution of Intimate Images: A Threat to Women’s Freedom
Paolo Galdieri - November 10th, 2025
This is the fourth in a series of articles analyzing gender-based violence in the digital context, in anticipation of November 25, the International Day for the Elimination of Violence against...

Vault7 with a Chinese twist: China’s secret global surveillance system exposed
Redazione RHC - November 10th, 2025
Only the flag changes, but the result is always the same. In 2017, WikiLeaks published Vault7 , a leak that exposed the CIA's arsenal: toolkits for penetrating smartphones, smart TVs,...

Whisper Leak: The New Side-Channel Attack That Steals Messages with LLMs
Redazione RHC - November 10th, 2025
Microsoft has announced a new side-channel attack on remote language models. It allows a passive attacker, capable of viewing encrypted network traffic, to use artificial intelligence to determine the topic...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

