Red Hot Cyber. The Cybersecurity Blog
Featured Articles
MITRE has released its ranking of the 25 most dangerous software vulnerabilities predicted for 2025, based on data collected through the National Vulnerability Database. These vulnerabilities were ide...
The prospect of a four-day workweek, with a resulting three-day long weekend, may not be far off. This is according to Christopher A. Pissarides , a British-Cypriot economist and Nobel Prize winner, w...
The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland will be the ...
An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym “Frenshyny,” clai...
A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...
Google Gemini Improves AI-Generated Image Verification
“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit
Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems
CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers
Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026
Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks
Google Gemini Improves AI-Generated Image Verification
Redazione RHC - November 22nd, 2025
Google has expanded the capabilities of its Gemini artificial intelligence service by adding a tool to the app and web version to check images for signs of automatic generation ....
“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit
Redazione RHC - November 21st, 2025
Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...
Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems
Redazione RHC - November 21st, 2025
A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...
CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers
Redazione RHC - November 21st, 2025
In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...
Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026
Redazione RHC - November 21st, 2025
Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....
Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks
Redazione RHC - November 21st, 2025
Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE