Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
HackTheBox 320x100 1
Redhotcyber Banner Sito 970x120px Uscita 101125

Red Hot Cyber. The Cybersecurity Blog

Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Previous Next

Ultime news

UK Boosts Subsea Cable Protection with Autonomous Vessels Cybercrime

UK Boosts Subsea Cable Protection with Autonomous Vessels

The UK government has announced plans to strengthen the protection of undersea cables using autonomous vessels. Military ships and aircraft...
Redazione RHC - 28 December 2025
China’s Humanoid Robot Industry Booms with UBtech’s Walker S2 innovation

China’s Humanoid Robot Industry Booms with UBtech’s Walker S2

A video, hundreds of humanoid robots, and a reaction that went viral. When UBtech demonstrated its S2 Walkers moving in...
Redazione RHC - 28 December 2025
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats Cybercrime

Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats

The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks,...
Redazione RHC - 27 December 2025
US Data Center Battery Dependency: A Growing Concern for AI and Defense Cybercrime

US Data Center Battery Dependency: A Growing Concern for AI and Defense

In Northern Virginia, along what has come to be called the “data center corridor,” stand massive, windowless facilities that form...
Redazione RHC - 27 December 2025
Uzbekistan License Plate Surveillance System Exposed Online Cybercrime

Uzbekistan License Plate Surveillance System Exposed Online

Cybersecurity specialist Anurag Sen discovered that Uzbekistan's license plate recognition system database was freely accessible online: anyone could access all...
Redazione RHC - 27 December 2025
Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests Cybercrime

Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests

Interpol conducted Operation Sentinel, an international operation that resulted in the arrest of 574 people and the recovery of $3...
Redazione RHC - 27 December 2025
« Precedente   Successivo »

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

- December 12th, 2025

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows Microsoft accounts to be hijacked without a password or multi-factor...
Share on Facebook Share on LinkedIn Share on X

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

- December 12th, 2025

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was jointly announced by several leading companies in the field of...
Share on Facebook Share on LinkedIn Share on X

Disney Invests $1 Billion in OpenAI for Sora Video Deal

- December 12th, 2025

Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The deal comes amid a heated debate in Hollywood over how...
Share on Facebook Share on LinkedIn Share on X

Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat

- December 12th, 2025

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated techniques to bypass...
Share on Facebook Share on LinkedIn Share on X

React Server Components Vulnerability: Update to Prevent DoS Attacks

- December 12th, 2025

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two new vulnerabilities....
Share on Facebook Share on LinkedIn Share on X

Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

- December 12th, 2025

An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute malicious code on affected systems. This security flaw, designated CVE-2025-54100,...
Share on Facebook Share on LinkedIn Share on X

Telegram Losing Ground to Crackdown on Cybercrime Activities

- December 12th, 2025

Telegram, which over the course of its history has become one of the most popular messaging apps in the world, is gradually losing its status as a convenient platform for...
Share on Facebook Share on LinkedIn Share on X

Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware

- December 11th, 2025

Notepad++ is often targeted by attackers because the software is popular and widely used. A recently discovered vulnerability in the open-source text and code editor Notepad++ could allow attackers to...
Share on Facebook Share on LinkedIn Share on X

NetSupport RAT Malware Campaign Uncovered: Expert Analysis

- December 11th, 2025

Securonix specialists have discovered a multi-layered malware campaign aimed at secretly installing the NetSupport RAT remote access tool . The attack involves a series of carefully hidden stages, each designed...
Share on Facebook Share on LinkedIn Share on X

Digital Stress: How to Achieve Balance in a Hyper-Connected World

- December 11th, 2025

We live in dissociation: we praise work-life balance, yet we find ourselves constantly online, like puppets on invisible strings. The real problem is not technology, but how we, humans, respond...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…

Immagine del sitoCybercrime
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
Redazione RHC - 22/01/2026

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middle East, and Central America.…

Immagine del sitoCybercrime
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Redazione RHC - 22/01/2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the malicious actor has now expanded…

Immagine del sitoCybercrime
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Redazione RHC - 22/01/2026

Attackers are exploiting a previously patched critical FortiGate authentication flaw (CVE-2025-59718) through a patch bypass method to breach protected firewalls, as Fortinet customers are experiencing. Fortinet reportedly plans to soon release FortiOS versions 7.4.11, 7.6.6,…

Immagine del sitoCybercrime
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Redazione RHC - 22/01/2026

A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate patching, and its Product Security Incident Response…