Red Hot Cyber. The Cybersecurity Blog
Featured Articles
Users noticed that last week Microsoft developers disabled the offline activation method for Windows 11 and 10 via KMS38, which has been used by hackers around the world for years. However, the offici...
Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, whic...
Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp’s infrastructure to distribute its Pegasus surveillance software. The case, which has been o...
A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed ...
Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS ...
Hyundai subsidiary HAEA data breach: Sensitive information at risk
Malware is a ticking time bomb! The threat to Siemens S7 PLCs begins in 2027.
The Illicit Distribution of Intimate Images: A Threat to Women’s Freedom
Vault7 with a Chinese twist: China’s secret global surveillance system exposed
Whisper Leak: The New Side-Channel Attack That Steals Messages with LLMs
QNAP fixes 7 critical NAS bugs discovered at Pwn2Own Ireland 2025
Hyundai subsidiary HAEA data breach: Sensitive information at risk
Redazione RHC - November 10th, 2025
HAEA, a subsidiary of South Korean Hyundai Motor Group and headquartered in California, USA, provides customized IT solutions and services for the automotive industry, particularly to Hyundai and Kia subsidiaries....
Malware is a ticking time bomb! The threat to Siemens S7 PLCs begins in 2027.
Redazione RHC - November 10th, 2025
Researchers discovered several libraries in the public NuGet registry containing code that will be activated in 2027 and 2028. The infected packages target three popular .NET data storage engines (Microsoft...
The Illicit Distribution of Intimate Images: A Threat to Women’s Freedom
Paolo Galdieri - November 10th, 2025
This is the fourth in a series of articles analyzing gender-based violence in the digital context, in anticipation of November 25, the International Day for the Elimination of Violence against...
Vault7 with a Chinese twist: China’s secret global surveillance system exposed
Redazione RHC - November 10th, 2025
Only the flag changes, but the result is always the same. In 2017, WikiLeaks published Vault7 , a leak that exposed the CIA's arsenal: toolkits for penetrating smartphones, smart TVs,...
Whisper Leak: The New Side-Channel Attack That Steals Messages with LLMs
Redazione RHC - November 10th, 2025
Microsoft has announced a new side-channel attack on remote language models. It allows a passive attacker, capable of viewing encrypted network traffic, to use artificial intelligence to determine the topic...
QNAP fixes 7 critical NAS bugs discovered at Pwn2Own Ireland 2025
Redazione RHC - November 10th, 2025
QNAP has fixed seven critical zero-day vulnerabilities in its Network Attached Storage (NAS) operating systems after a group of researchers successfully exploited them at Pwn2Own Ireland 2025 , held in...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE