Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
LECS 320x100 1
Crowdstriker 970×120

Red Hot Cyber. The Cybersecurity Blog

NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Previous Next

Ultime news

Uzbekistan License Plate Surveillance System Exposed Online Cybercrime

Uzbekistan License Plate Surveillance System Exposed Online

Cybersecurity specialist Anurag Sen discovered that Uzbekistan's license plate recognition system database was freely accessible online: anyone could access all...
Redazione RHC - 27 December 2025
Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests Cybercrime

Interpol Operation Sentinel Cracks Down on Cybercrime with 574 Arrests

Interpol conducted Operation Sentinel, an international operation that resulted in the arrest of 574 people and the recovery of $3...
Redazione RHC - 27 December 2025
Villager Framework: AI-Powered Penetration Testing Tool Cybercrime

Villager Framework: AI-Powered Penetration Testing Tool

Straiker's AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike...
Redazione RHC - 26 December 2025
TIME’s Machine of the Year: How Personal Computer Changed Society Culture

TIME’s Machine of the Year: How Personal Computer Changed Society

TIME magazine's selection of a "Person of the Year" is a tradition dating back to 1927, when the award was...
Redazione RHC - 26 December 2025
Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution Cybercrime

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution

An in-depth security analysis of Livewire , an essential framework for developing dynamic interfaces in Laravel, has revealed a significant...
Redazione RHC - 26 December 2025
Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security Cybercrime

Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security

Over the years, Microsoft has strived to keep BitLocker's performance impact within reasonable limits, historically below double digits. The goal...
Redazione RHC - 25 December 2025
« Precedente   Successivo »

Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

- December 11th, 2025

What we wrote in the article " Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin " on Red Hot Cyber on July 23rd...
Share on Facebook Share on LinkedIn Share on X

Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks

- December 11th, 2025

A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious code on vulnerable systems. The vulnerability, tracked under CVE-2025-62562, stems...
Share on Facebook Share on LinkedIn Share on X

Google Chrome Urgent Update Fixes Zero-Day Vulnerability

- December 11th, 2025

An urgent update has been released by Google for the stable version of the Desktop browser, in order to address an extremely serious vulnerability that is currently being exploited. This...
Share on Facebook Share on LinkedIn Share on X

EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2

- December 11th, 2025

Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised Next.js application. The malware uses Ethereum smart contracts for communication...
Share on Facebook Share on LinkedIn Share on X

Is QDay approaching? QuantWare presents its 10,000-qubit quantum processor

- December 10th, 2025

The world of quantum technology has made an impressive leap forward: QuantWare has unveiled the world's first 10,000-qubit processor, 100 times more than any existing device . Furthermore, the new...
Share on Facebook Share on LinkedIn Share on X

Ivanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE

- December 10th, 2025

Ivanti has released an urgent update for its Endpoint Manager (EPM) platform, addressing a set of significant vulnerabilities that could allow attackers to execute code of their choosing or hijack...
Share on Facebook Share on LinkedIn Share on X

Malicious VSCode Extensions Steal Crypto Wallets and Browser Sessions

- December 10th, 2025

Two malicious extensions have been discovered that infect developers' computers with stealer programs on Microsoft's Visual Studio Code marketplace. The malware can take screenshots, steal passwords and cryptocurrency wallets, and...
Share on Facebook Share on LinkedIn Share on X

Windows Cloud Files Mini Filter Vulnerability Under Active Exploitation

- December 10th, 2025

A zero-day vulnerability in the Windows Cloud Files Mini Filter driver (cldflt.sys) is currently being actively exploited. Microsoft has released urgent security updates to address this vulnerability. The vulnerability is...
Share on Facebook Share on LinkedIn Share on X

The Dark Side of AI: How Technology is Being Used to Control Humans

- December 10th, 2025

Cory Doctorow says it with the clarity of someone who has studied the consequences of digital capitalism for years: AI, as it's sold today, isn't about enhancing humans. It's about...
Share on Facebook Share on LinkedIn Share on X

Gartner Warns: AI-Powered Browsers Pose Significant Security Risks to Businesses

- December 10th, 2025

Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities . In a recent advisory, the company emphasizes that such tools pose unnecessary risks...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoinnovation
NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
Redazione RHC - 23/01/2026

The question has been circulating for over ten years: can a smartphone really replace a computer? Over time, the industry has repeatedly attempted to provide a concrete answer, without ever reaching a definitive solution. From…

Immagine del sitoCybercrime
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Redazione RHC - 23/01/2026

The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report by Picus Security details the group’s…

Immagine del sitoCybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
Redazione RHC - 23/01/2026

A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The study’s results were published by…

Immagine del sitoCybercrime
MacSync: The macOS malware that empties your wallet… after weeks
Redazione RHC - 23/01/2026

A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed using the ” malware-as-a-service ”…

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…