Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Crowdstrike 320×100
LECS 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks
Your paycheck is zero! Congratulations, someone answered the phone wrong
Two Ukrainians Suspected in Black Basta Ransomware Attacks
Previous Next

Ultime news

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems Cybercrime

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

In the past, many users and system administrators have relied on Microsoft's telephone activation service to manage installations in specific...
Redazione RHC - 22 December 2025
PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks Cybercrime

PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks

Hackers love to exploit the most innocuous tools to infiltrate their targets' networks, and we all know this. And in...
Redazione RHC - 22 December 2025
OAuth Device Code Phishing: New Attack Vector for Account Takeover Cybercrime

OAuth Device Code Phishing: New Attack Vector for Account Takeover

Cybercriminals are getting smarter and have found a new way to exploit corporate security protocols. It seems incredible, but it's...
Redazione RHC - 22 December 2025
DIG AI: The Dark Web’s New AI Tool for Cybercrime Cybercrime

DIG AI: The Dark Web’s New AI Tool for Cybercrime

A new AI tool has appeared on the dark web and quickly attracted the attention of security experts, and not...
Redazione RHC - 21 December 2025
TikTok Accused of Illegally Tracking Users’ Data Across Apps Cybercrime

TikTok Accused of Illegally Tracking Users’ Data Across Apps

The popular video app TikTok has found itself at the center of a new scandal over violations of European data...
Redazione RHC - 21 December 2025
Naftali Bennett Telegram Account Hacked in Israel Politics Cybercrime

Naftali Bennett Telegram Account Hacked in Israel Politics

Former Israeli Prime Minister Naftali Bennett has admitted that his Telegram account was hacked, although his device was not compromised....
Redazione RHC - 21 December 2025
« Precedente   Successivo »

Microsoft Windows LNK Vulnerability Exploited by Hackers

- December 6th, 2025

Experts have discovered that in the summer of 2025, Microsoft patched a dangerous vulnerability in Windows that had been actively exploited by at least 11 hacker groups, including North Korean...
Share on Facebook Share on LinkedIn Share on X

Apache Tika Vulnerability CVE-2025-66516: Critical XXE Attack Risk

- December 6th, 2025

A critical vulnerability has been published in Apache Tika that could allow an XML external entity injection attack, known as XXE . The vulnerability, classified as CVE-2025-66516, has a CVE...
Share on Facebook Share on LinkedIn Share on X

China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

- December 6th, 2025

A spokesperson for the Chinese Embassy in Canada responded to a reporter's question about the outcry in Canada over so-called "Chinese cyber attacks." A reporter asked : Recently, the Canadian...
Share on Facebook Share on LinkedIn Share on X

AI Browser Attack: Google Drive Wiper Threat Exposed

- December 6th, 2025

Researchers at Striker STAR Labs have described a new agent-based browser attack that can turn a regular email into a near-complete wiper of your Google Drive inbox. The attack targets...
Share on Facebook Share on LinkedIn Share on X

NATO Cyber Coalition Exercise: Enhancing Cyber Defense with 1,300 Experts

- December 6th, 2025

NATO held its largest-ever cyber defense exercise, Cyber Coalition, in Estonia, involving approximately 1,300 specialists . The goal was to practice protecting critical infrastructure from large-scale cyber attacks, simulating scenarios...
Share on Facebook Share on LinkedIn Share on X

Microsoft 365 Price Hike: What You Need to Know About the 2026 Increase

- December 6th, 2025

Starting July 1, 2026, Microsoft 365 and Office 365 subscription prices for business and government customers will increase by 8% to 33% , depending on the plan. This price adjustment...
Share on Facebook Share on LinkedIn Share on X

React2Shell Vulnerability Exploited by China-Linked Hackers, Patch Now

- December 6th, 2025

We often discuss on this site that the window between the publication of an exploit and the launch of active attacks is drastically shrinking. For this reason, it's increasingly crucial...
Share on Facebook Share on LinkedIn Share on X

FreeBSD 15.0: Discover the Power of This Unix-like Operating System

- December 6th, 2025

Behind many of the digital applications and services we take for granted every day lies a silent giant: FreeBSD . Known primarily to insiders, this Unix-like operating system has become...
Share on Facebook Share on LinkedIn Share on X

Cloudflare Blocks AI Bots: The Future of Internet Economy at Stake

- December 5th, 2025

Since July 1st, Cloudflare has blocked 416 billion requests from artificial intelligence bots attempting to extract content from its customers' websites. According to Matthew Prince, co-founder and CEO of Cloudflare,...
Share on Facebook Share on LinkedIn Share on X

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182

- December 5th, 2025

In 2025, the IT and security communities are buzzing with excitement over a single name: " React2Shell ." With the disclosure of a new vulnerability, CVE-2025-55182, classified as CVSS 10.0,...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Redazione RHC - 22/01/2026

Attackers are exploiting a previously patched critical FortiGate authentication flaw (CVE-2025-59718) through a patch bypass method to breach protected firewalls, as Fortinet customers are experiencing. Fortinet reportedly plans to soon release FortiOS versions 7.4.11, 7.6.6,…

Immagine del sitoCybercrime
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Redazione RHC - 22/01/2026

A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate patching, and its Product Security Incident Response…

Immagine del sitoinnovation
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Redazione RHC - 21/01/2026

In the Italian and European cybersecurity landscape, few collaborations manage to combine educational vision, technical realism, and community impact as effectively as the partnership announced between Red Hot Cyber and Hack The Box (HTB) for…

Immagine del sitoCybercrime
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
Redazione RHC - 21/01/2026

Yesterday, the Everest cybercriminal gang claimed responsibility for a cyberattack on McDonald’s on their Data Leak Site (DLS) . From the gang’s post, the cybercriminals claim to have 861GB of data exfiltrated from the company’s…

Immagine del sitoCybercrime
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Redazione RHC - 20/01/2026

A group of attackers is using a zero-day exploit toolkit to compromise VMware ESXi instances in an uncontrolled manner, taking advantage of multiple vulnerabilities to bypass virtual machine restrictions. The current incident highlights the ongoing…