Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
TM RedHotCyber 320x100 042514
LECS 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Precedente Successivo

Ultime news

MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach Cyber News

MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach

The Cybersecurity and Infrastructure Security Agency (CISA) has officially raised the alarm about a critical vulnerability in MongoDB, adding the...
Massimiliano Brolli - 30 December 2025
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk Cyber News

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that...
Redazione RHC - 30 December 2025
Browser-in-the-Browser Phishing Attack: How to Protect Yourself Cybercrime

Browser-in-the-Browser Phishing Attack: How to Protect Yourself

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those...
Manuel Roccon - 29 December 2025
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution Vulnerability

Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple's WebKit engine. This security flaw,...
Agostino Pellegrino - 29 December 2025
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322 Vulnerability

Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

When it comes to cybersecurity, it's easy to fall into the trap of thinking that problems are always far away,...
Agostino Pellegrino - 29 December 2025
TurboDiffusion: AI Video Generation Accelerated Up to 200 Times Cyber News

TurboDiffusion: AI Video Generation Accelerated Up to 200 Times

Automatic video generation using artificial intelligence took a significant leap on December 25, 2025, when Tsinghua University announced the open...
Redazione RHC - 29 December 2025

Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware

Notepad++ is often targeted by attackers because the software is popular and widely used. A recently discovered vulnerability in the open-source text and code editor Notepad++ could allow attackers to...

NetSupport RAT Malware Campaign Uncovered: Expert Analysis

Securonix specialists have discovered a multi-layered malware campaign aimed at secretly installing the NetSupport RAT remote access tool . The attack involves a series of carefully hidden stages, each designed...

Digital Stress: How to Achieve Balance in a Hyper-Connected World

We live in dissociation: we praise work-life balance, yet we find ourselves constantly online, like puppets on invisible strings. The real problem is not technology, but how we, humans, respond...

DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass

Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vulnerable...

VPN Credentials on the Dark Web: A Growing Cybersecurity Threat

In the darkest corners of the internet, the trafficking of stolen data and unauthorized access continues to thrive. A recent post on a closed underground forum shows 896 FortiSSL VPN...

Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

What we wrote in the article " Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin " on Red Hot Cyber on July 23rd...

Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks

A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious code on vulnerable systems. The vulnerability, tracked under CVE-2025-62562, stems...

Google Chrome Urgent Update Fixes Zero-Day Vulnerability

An urgent update has been released by Google for the stable version of the Desktop browser, in order to address an extremely serious vulnerability that is currently being exploited. This...

EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2

Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised Next.js application. The malware uses Ethereum smart contracts for communication...

Is QDay approaching? QuantWare presents its 10,000-qubit quantum processor

The world of quantum technology has made an impressive leap forward: QuantWare has unveiled the world's first 10,000-qubit processor, 100 times more than any existing device . Furthermore, the new...

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCyber News
And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
Redazione RHC - 27/01/2026

Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

Immagine del sitoCyber News
ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
Redazione RHC - 27/01/2026

The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

Immagine del sitoCybercrime
149 Million Accounts Exposed: The Database No One Should Have Seen
Redazione RHC - 26/01/2026

A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

Immagine del sitoCybercrime
When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
Marcello Filacchioni - 26/01/2026

PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

Immagine del sitoCyber News
How a simple Visual Studio Code file can become a backdoor for state-run hackers
Redazione RHC - 26/01/2026

Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…