Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.

LECS 320x100 1

LECS 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks

Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government

Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now

When Attack Discovery Becomes Automated, Detection Stops Scaling

CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE

Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool

DevSecOps: Integrating Security into Your Development Process

WhatsApp Device Fingerprinting: New Measures Against Privacy Threats

PS5 BootROM Key Leaked, Sony’s Security Compromised

Windows 11 Performance Test: Surprising Results with Windows 8.1

Ultime news

SOAP Vulnerability in .NET Framework Allows Remote Code Execution

Cybercrime

SOAP Vulnerability in .NET Framework Allows Remote Code Execution

Security researchers have discovered a vulnerability in .NET that could affect several enterprise products and lead to remote code execution....

Redazione RHC - 14 December 2025

CVE-2025-55182 React Server Components Vulnerability Exploited

Cybercrime

CVE-2025-55182 React Server Components Vulnerability Exploited

A recent report from the Google Threat Intelligence Group (GTIG) illustrates the chaotic results of this information dissemination, highlighting how...

Redazione RHC - 13 December 2025

Top 25 Software Vulnerabilities 2025: MITRE CWE Ranking and Security Tips

Cybercrime

Top 25 Software Vulnerabilities 2025: MITRE CWE Ranking and Security Tips

MITRE has released its ranking of the 25 most dangerous software vulnerabilities predicted for 2025, based on data collected through...

Redazione RHC - 13 December 2025

The Future of Work: 4-Day Week with AI and Tech Advances

innovation

The Future of Work: 4-Day Week with AI and Tech Advances

The prospect of a four-day workweek, with a resulting three-day long weekend, may not be far off. This is according...

Redazione RHC - 13 December 2025

ARTEMIS Leads in AI-Powered Pentesting, Outperforming Human Experts

Hacking

ARTEMIS Leads in AI-Powered Pentesting, Outperforming Human Experts

Stanford researchers and their colleagues conducted an unusual experiment: they compared the performance of ten professional specialists and a set...

Redazione RHC - 13 December 2025

Apple Patches Critical WebKit Vulnerabilities in iOS Update

Vulnerability

Apple Patches Critical WebKit Vulnerabilities in iOS Update

Following the discovery of two critical zero-day vulnerabilities in the WebKit browser engine, Apple has urgently released security updates for...

Redazione RHC - 13 December 2025

« Precedente Successivo »

Cryptomixer Shut Down: Europol Cracks Down on $1.3B Bitcoin Mixing Service

Redazione RHC - December 2nd, 2025

Law enforcement agencies in Switzerland and Germany have reported the dismantling of Cryptomixer , a major mixing service operating since 2016 that helped criminals launder illicitly obtained funds. According to...

888 Data Leaker: Ryanair Breach Exposed

Luca Stivali - December 2nd, 2025

In the underground forum landscape, there are actors who operate episodically, seeking a single media hit, and others who build an almost industrial pipeline of compromises over time, releasing technical...

WiFi Network Security: Protect Against Hacking with WPA3 and ARP Spoofing

Francesco Demarcus - December 2nd, 2025

In today's environment, securing a network requires much more than setting a complex password. A cyber attack against a wireless network follows a structured path that evolves from passive monitoring...

ShadyPanda Malware Infects 4.3M Browsers with Chrome Edge Extensions

Redazione RHC - December 2nd, 2025

Researchers at Koi Security described a multi-stage operation called ShadyPanda . Over the course of seven years, attackers released seemingly useful extensions for Chrome and Edge, built up an audience...

The Dark Side of Internet Control: Durov’s Warning

Sandro Sana - December 2nd, 2025

Post 462 on Durov's official channel immediately went into “scream mode”: “ The end of the free internet. The free internet is becoming a tool of control .” No birthday...

Phishing Attacks Surge in Black Friday Season: Stay Vigilant

Redazione RHC - December 2nd, 2025

This year, too, cybercriminals are taking advantage of seasonal shopping periods to spread phishing websites and fraudulent promotions, aiming to steal personal information and payment details . Gaming platforms remain...

Human Washing Machine Launched: Japan’s Science Unveils Unique Device

Redazione RHC - December 1st, 2025

Japanese company Science has launched a washing machine for humans. The 2.30-meter-long capsule bathes a person in 15 minutes and attracted considerable interest at the recently concluded Osaka Expo. The...

Brazilian Systems Targeted in Sophisticated OAST Exploit Campaign

Redazione RHC - December 1st, 2025

Security researchers have discovered a sophisticated exploit campaign that leverages a private out-of-band application security testing (OAST) service hosted on Google Cloud infrastructure. The campaign primarily targets systems in Brazil...

Australian Man Jailed for Evil Twin Wi-Fi Scam Targeting Airline Passengers

Redazione RHC - December 1st, 2025

An Australian court has convicted a 44-year-old man who stole the personal data of airline passengers and airport visitors over several months . He was sentenced to seven years and...

KrakenBite Phishing Service Exposed

Redazione RHC - December 1st, 2025

The underground cybercrime market continues to evolve rapidly, fueled by specialized groups designing and selling tools for increasingly sophisticated digital scams. Among these, a particularly active player in recent weeks...

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sito

Cybercrime

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks

Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sito

Cybercrime

Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government

Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sito

Cybercrime

Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now

Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sito

Cybercrime

When Attack Discovery Becomes Automated, Detection Stops Scaling

Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…

Immagine del sito

Cybercrime

CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE

Redazione RHC - 08/01/2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a CVSS score of 10, has…