Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
TM RedHotCyber 320x100 042514
UtiliaCS 970x120

Red Hot Cyber. The Cybersecurity Blog

Long-Lived Technologies: COBOL, C, SQL, and Legacy Systems
Finland Seizes Ship in Cable Damage Probe, Cites Security Threat
Ransomware Attacks on the Rise: US Professionals Turn to Cybercrime
The Dark Side of Cybercrime: Human Costs and Consequences
OpenAI Hiring Chief Security Officer to Mitigate AI Risks
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Previous Next

Ultime news

AI-Generated Scams: New Threats with Deepfake Photos and Videos Cybercrime

AI-Generated Scams: New Threats with Deepfake Photos and Videos

Criminals are increasingly using photos and videos from public sources to pass them off as evidence of an alleged kidnapping....
Redazione RHC - 7 December 2025
Microsoft Windows LNK Vulnerability Exploited by Hackers Cybercrime

Microsoft Windows LNK Vulnerability Exploited by Hackers

Experts have discovered that in the summer of 2025, Microsoft patched a dangerous vulnerability in Windows that had been actively...
Redazione RHC - 6 December 2025
Apache Tika Vulnerability CVE-2025-66516: Critical XXE Attack Risk Cybercrime

Apache Tika Vulnerability CVE-2025-66516: Critical XXE Attack Risk

A critical vulnerability has been published in Apache Tika that could allow an XML external entity injection attack, known as...
Redazione RHC - 6 December 2025
China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware Cybercrime

China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

A spokesperson for the Chinese Embassy in Canada responded to a reporter's question about the outcry in Canada over so-called...
Redazione RHC - 6 December 2025
AI Browser Attack: Google Drive Wiper Threat Exposed Cybercrime

AI Browser Attack: Google Drive Wiper Threat Exposed

Researchers at Striker STAR Labs have described a new agent-based browser attack that can turn a regular email into a...
Redazione RHC - 6 December 2025
NATO Cyber Coalition Exercise: Enhancing Cyber Defense with 1,300 Experts Cybercrime

NATO Cyber Coalition Exercise: Enhancing Cyber Defense with 1,300 Experts

NATO held its largest-ever cyber defense exercise, Cyber Coalition, in Estonia, involving approximately 1,300 specialists . The goal was to...
Redazione RHC - 6 December 2025
« Precedente   Successivo »

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

- November 22nd, 2025

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...
Share on Facebook Share on LinkedIn Share on X

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

- November 22nd, 2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...
Share on Facebook Share on LinkedIn Share on X

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

- November 22nd, 2025

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...
Share on Facebook Share on LinkedIn Share on X

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

- November 22nd, 2025

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....
Share on Facebook Share on LinkedIn Share on X

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

- November 22nd, 2025

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...
Share on Facebook Share on LinkedIn Share on X

TamperedChef: Malware via Fake App Installers

- November 21st, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...
Share on Facebook Share on LinkedIn Share on X

Whoever took down Cloudflare during the outage put their infrastructure at risk

- November 21st, 2025

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

- November 21st, 2025

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...
Share on Facebook Share on LinkedIn Share on X

Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8

- November 21st, 2025

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS v3.1...
Share on Facebook Share on LinkedIn Share on X

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages

- November 21st, 2025

ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted messaging apps (Signal, WhatsApp, Telegram) and gaining full control over...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCulture
Long-Lived Technologies: COBOL, C, SQL, and Legacy Systems
Redazione RHC - 02/01/2026

While the industry debates which neural network is the “smartest” and which framework is the “most modern,” decades-old technologies continue to quietly swirl beneath the surface of the banking industry . This year, COBOL turned…

Immagine del sitoCybercrime
Finland Seizes Ship in Cable Damage Probe, Cites Security Threat
Redazione RHC - 31/12/2025

On Wednesday, December 31, Finnish authorities seized a cargo ship believed to be involved in the damage to an undersea telecommunications cable connecting Helsinki to Tallinn, Estonia. The action was triggered after a technical anomaly…

Immagine del sitoCybercrime
Ransomware Attacks on the Rise: US Professionals Turn to Cybercrime
Redazione RHC - 31/12/2025

In the landscape of cybercrime investigations, some cases take on particular significance not only because of the extent of the financial damage, but also because of the profile of the individuals involved . Ransomware investigations,…

Immagine del sitoCybercrime
The Dark Side of Cybercrime: Human Costs and Consequences
Redazione RHC - 31/12/2025

By 2025, cybercrime will increasingly go beyond “just money”: attacks aren’t just about downtime bills and ransom payments , but also about real human consequences, from healthcare disruptions and victim harassment to kidnappings, torture, and…

Immagine del sitoCybercrime
OpenAI Hiring Chief Security Officer to Mitigate AI Risks
Redazione RHC - 30/12/2025

OpenAI, the developer of ChatGPT, has announced the search for a new Chief Security Officer . The position, with an annual salary of $555,000, will be directly responsible for mitigating risks associated with artificial intelligence…