Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Redhotcyber Banner Sito 320x100px Uscita 101125
970x120

Red Hot Cyber. The Cybersecurity Blog

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Previous Next

Ultime news

React2Shell Vulnerability Exploited by China-Linked Hackers, Patch Now Cybercrime

React2Shell Vulnerability Exploited by China-Linked Hackers, Patch Now

We often discuss on this site that the window between the publication of an exploit and the launch of active...
Redazione RHC - 6 December 2025
FreeBSD 15.0: Discover the Power of This Unix-like Operating System Cybercrime

FreeBSD 15.0: Discover the Power of This Unix-like Operating System

Behind many of the digital applications and services we take for granted every day lies a silent giant: FreeBSD ....
Redazione RHC - 6 December 2025
Cloudflare Blocks AI Bots: The Future of Internet Economy at Stake Cybercrime

Cloudflare Blocks AI Bots: The Future of Internet Economy at Stake

Since July 1st, Cloudflare has blocked 416 billion requests from artificial intelligence bots attempting to extract content from its customers'...
Redazione RHC - 5 December 2025
React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182 Cybercrime

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182

In 2025, the IT and security communities are buzzing with excitement over a single name: " React2Shell ." With the...
Redazione RHC - 5 December 2025
Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed Cybercrime

Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed

Cloudflare is back in the spotlight after a new wave of outages that, on December 5, 2025, is affecting several...
Redazione RHC - 5 December 2025
Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks Cybercrime

Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks

Chinese cyber spies have been lurking in the networks of critical organizations for years, infecting infrastructure with sophisticated malware and...
Redazione RHC - 5 December 2025
« Precedente   Successivo »

Google Gemini Improves AI-Generated Image Verification

- November 23rd, 2025

Google has expanded the capabilities of its Gemini artificial intelligence service by adding a tool to the app and web version to check images for signs of automatic generation ....
Share on Facebook Share on LinkedIn Share on X

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

- November 22nd, 2025

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...
Share on Facebook Share on LinkedIn Share on X

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

- November 22nd, 2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...
Share on Facebook Share on LinkedIn Share on X

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

- November 22nd, 2025

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...
Share on Facebook Share on LinkedIn Share on X

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

- November 22nd, 2025

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....
Share on Facebook Share on LinkedIn Share on X

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

- November 22nd, 2025

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...
Share on Facebook Share on LinkedIn Share on X

TamperedChef: Malware via Fake App Installers

- November 21st, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...
Share on Facebook Share on LinkedIn Share on X

Whoever took down Cloudflare during the outage put their infrastructure at risk

- November 21st, 2025

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

- November 21st, 2025

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...
Share on Facebook Share on LinkedIn Share on X

Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8

- November 21st, 2025

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS v3.1...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Redazione RHC - 30/12/2025

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that may have exposed sensitive information related to a production line. The incident was reported by…

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sitoCybercrime
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…