Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Red Hot Cyber. The Cybersecurity Blog

Latest news

Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks

Chinese cyber spies have been lurking in the networks of critical organizations for years, infecting infrastructure with sophisticated malware and...
Redazione RHC - 5 December 2025

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and...
Redazione RHC - 5 December 2025

Apache HTTP Server Update Fixes Critical Security Vulnerabilities

The Apache Software Foundation has released a significant update for its popular Apache HTTP Server, addressing a total of...
Redazione RHC - 5 December 2025

Cyber Insurance: Why Basic Hygiene Matters

Cyber insurance has become a topic of discussion on management committees. It's no longer an add-on, but rather an essential...
Redazione RHC - 5 December 2025

Meta AI WhatsApp Investigation

Nine months after its implementation in Europe, Meta’s conversational artificial intelligence (AI) tool, integrated directly into WhatsApp, will be investigated...
Redazione RHC - 5 December 2025

Gulf States’ Digital Transformation: A New Era of Innovation and Security

It is a time of great geopolitical changes in the Gulf. It has been evident for some time that the...
Matteo Giada - 5 December 2025

Microsoft Blocks KMS38 Activation Method for Windows 10 and 11

Users noticed that last week Microsoft developers disabled the offline activation method for Windows 11 and 10 via KMS38, which has been used by hackers around the world for years....

Future prospects for computer science and technology graduates

Artificial intelligence is changing the way recent computer science graduates approach the world of work. It's not about sudden job disappearances, but rather a transformation of entry-level roles in...

ATMs targeted! Cybersecurity experts reveal an attack campaign targeting ATMs.

Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, which the attackers used...

Google Gemini Improves AI-Generated Image Verification

Google has expanded the capabilities of its Gemini artificial intelligence service by adding a tool to the app and web version to check images for signs of automatic generation....

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

In recent months, the insider problem has become increasingly important for large companies, and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...

TamperedChef: Malware via Fake App Installers

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...

Featured Articles

Cybercrime
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Redazione RHC - 25/12/2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes “NtKiller,” a supposed “kernel-level” utility designed…

Cybercrime
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written enough to seem real. This…

Cybercrime
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…

Cybercrime
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
Redazione RHC - 23/12/2025

According to internal sources at RedHotCyber, the digital offensive that is causing problems for the National Postal System in France has been officially claimed by the pro-Russian hacker collective NoName057(16). Analysts confirm that the…

Vulnerability
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Manuel Roccon - 23/12/2025

The following analysis examines the attack vector for CVE-2025-47761, a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies in a mishandled IOCTL that…