Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
Beware of WhatsApp groups: An image can compromise your smartphone.-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-Beware of WhatsApp groups: An image can compromise your smartphone.-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025
320x100 Itcentric
970x120 Olympous

Red Hot Cyber. The Cybersecurity Blog

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    BlueNoroff: The Hacker Group Revolutionizing Cybercrime
    Marcello Filacchioni | Cyber News | 23/01/2026

    The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Precedente Successivo

    Ultime news

    The Dark Side of Convenience: How Digital Payments Threaten Our Privacy Cybercrime

    The Dark Side of Convenience: How Digital Payments Threaten Our Privacy

    Five days in London, and I felt like I was living inside a permanent demo of the future. The sleek,...
    Sandro Sana - 31 December 2025
    Ransomware Attacks on the Rise: US Professionals Turn to Cybercrime Cyber News

    Ransomware Attacks on the Rise: US Professionals Turn to Cybercrime

    In the landscape of cybercrime investigations, some cases take on particular significance not only because of the extent of the...
    Pietro Melillo - 31 December 2025
    Apache StreamPipes Vulnerability: Update to Prevent Admin Takeover Cyber News

    Apache StreamPipes Vulnerability: Update to Prevent Admin Takeover

    Apache StreamPipes is an open-source platform for real-time data analysis and processing (streaming analytics) , designed especially for IoT, Industry...
    Massimiliano Brolli - 31 December 2025
    The Dark Side of Cybercrime: Human Costs and Consequences Cyber News

    The Dark Side of Cybercrime: Human Costs and Consequences

    By 2025, cybercrime will increasingly go beyond “just money”: attacks aren’t just about downtime bills and ransom payments , but...
    Stefano Gazzella - 31 December 2025
    OpenAI Hiring Chief Security Officer to Mitigate AI Risks Cyber News

    OpenAI Hiring Chief Security Officer to Mitigate AI Risks

    OpenAI, the developer of ChatGPT, has announced the search for a new Chief Security Officer . The position, with an...
    Redazione RHC - 30 December 2025
    Petlibro Vulnerabilities Exposed: Control Your Pet’s Safety Now Cyber News

    Petlibro Vulnerabilities Exposed: Control Your Pet’s Safety Now

    A series of vulnerabilities have been discovered in the popular Petlibro pet food vending ecosystem. In the worst-case scenario, these...
    Agostino Pellegrino - 30 December 2025
    « Precedente   Successivo »

    IRS.GOV: alleged data breach affects the accounts of 18 million citizens

    An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym "Frenshyny,"...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Amnesty International Launches .onion Site for Secure Access to Human Rights Info

    Amnesty International has launched its own website, accessible via the .onion domain on the Tor network, offering a new secure channel for accessing the organization's information and research. The initiative,...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    NANOREMOTE Trojan Uses Google Drive for Command and Control

    A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the threat harder to detect and giving attackers a persistent channel...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

    A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows Microsoft accounts to be hijacked without a password or multi-factor...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Linux Foundation Launches Agentic AI Foundation with Key Tech Players

    The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was jointly announced by several leading companies in the field of...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Disney Invests $1 Billion in OpenAI for Sora Video Deal

    Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The deal comes amid a heated debate in Hollywood over how...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat

    A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated techniques to bypass...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    React Server Components Vulnerability: Update to Prevent DoS Attacks

    The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two new vulnerabilities....

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

    An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute malicious code on affected systems. This security flaw, designated CVE-2025-54100,...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Telegram Losing Ground to Crackdown on Cybercrime Activities

    Telegram, which over the course of its history has become one of the most popular messaging apps in the world, is gradually losing its status as a convenient platform for...

    - December 12th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Redazione RHC - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…