Red Hot Cyber. The Cybersecurity Blog
And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...
When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...
CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...
“I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...
NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report...
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...
MacSync: The macOS malware that empties your wallet… after weeks
A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...
Ultime news
The Dark Side of Convenience: How Digital Payments Threaten Our Privacy
Ransomware Attacks on the Rise: US Professionals Turn to Cybercrime
Apache StreamPipes Vulnerability: Update to Prevent Admin Takeover
The Dark Side of Cybercrime: Human Costs and Consequences
OpenAI Hiring Chief Security Officer to Mitigate AI Risks
Petlibro Vulnerabilities Exposed: Control Your Pet’s Safety Now
IRS.GOV: alleged data breach affects the accounts of 18 million citizens
Redazione RHC - December 12th, 2025
Amnesty International Launches .onion Site for Secure Access to Human Rights Info
Stefano Gazzella - December 12th, 2025
NANOREMOTE Trojan Uses Google Drive for Command and Control
Massimiliano Brolli - December 12th, 2025
Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts
Redazione RHC - December 12th, 2025
Linux Foundation Launches Agentic AI Foundation with Key Tech Players
Silvia Felici - December 12th, 2025
Disney Invests $1 Billion in OpenAI for Sora Video Deal
Silvia Felici - December 12th, 2025
Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat
Redazione RHC - December 12th, 2025
React Server Components Vulnerability: Update to Prevent DoS Attacks
Agostino Pellegrino - December 12th, 2025
Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now
Agostino Pellegrino - December 12th, 2025
Telegram Losing Ground to Crackdown on Cybercrime Activities
Sandro Sana - December 12th, 2025
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE
Featured Articles
Cyber NewsOnce again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…
Cyber NewsThe recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…
CybercrimeA recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…
CybercrimePixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…
Cyber NewsSecurity researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…












