Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
LECS 320x100 1
LECS 970x120 1

Red Hot Cyber. The Cybersecurity Blog

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    BlueNoroff: The Hacker Group Revolutionizing Cybercrime
    Marcello Filacchioni | Cyber News | 23/01/2026

    The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    Precedente Successivo

    Ultime news

    Petlibro Vulnerabilities Exposed: Control Your Pet’s Safety Now Cyber News

    Petlibro Vulnerabilities Exposed: Control Your Pet’s Safety Now

    A series of vulnerabilities have been discovered in the popular Petlibro pet food vending ecosystem. In the worst-case scenario, these...
    Agostino Pellegrino - 30 December 2025
    MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach Cyber News

    MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach

    The Cybersecurity and Infrastructure Security Agency (CISA) has officially raised the alarm about a critical vulnerability in MongoDB, adding the...
    Massimiliano Brolli - 30 December 2025
    Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk Cyber News

    Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk

    During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that...
    Redazione RHC - 30 December 2025
    Browser-in-the-Browser Phishing Attack: How to Protect Yourself Cybercrime

    Browser-in-the-Browser Phishing Attack: How to Protect Yourself

    This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those...
    Manuel Roccon - 29 December 2025
    Critical WebKit Vulnerability Exposes iOS Devices to Code Execution Vulnerability

    Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

    A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple's WebKit engine. This security flaw,...
    Agostino Pellegrino - 29 December 2025
    Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322 Vulnerability

    Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

    When it comes to cybersecurity, it's easy to fall into the trap of thinking that problems are always far away,...
    Agostino Pellegrino - 29 December 2025
    « Precedente   Successivo »

    DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass

    Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vulnerable...

    - December 11th, 2025

    Share on Facebook Share on LinkedIn Share on X

    VPN Credentials on the Dark Web: A Growing Cybersecurity Threat

    In the darkest corners of the internet, the trafficking of stolen data and unauthorized access continues to thrive. A recent post on a closed underground forum shows 896 FortiSSL VPN...

    - December 11th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

    What we wrote in the article " Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin " on Red Hot Cyber on July 23rd...

    - December 11th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks

    A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious code on vulnerable systems. The vulnerability, tracked under CVE-2025-62562, stems...

    - December 11th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Google Chrome Urgent Update Fixes Zero-Day Vulnerability

    An urgent update has been released by Google for the stable version of the Desktop browser, in order to address an extremely serious vulnerability that is currently being exploited. This...

    - December 11th, 2025

    Share on Facebook Share on LinkedIn Share on X

    EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2

    Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised Next.js application. The malware uses Ethereum smart contracts for communication...

    - December 11th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Is QDay approaching? QuantWare presents its 10,000-qubit quantum processor

    The world of quantum technology has made an impressive leap forward: QuantWare has unveiled the world's first 10,000-qubit processor, 100 times more than any existing device . Furthermore, the new...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Ivanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE

    Ivanti has released an urgent update for its Endpoint Manager (EPM) platform, addressing a set of significant vulnerabilities that could allow attackers to execute code of their choosing or hijack...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Malicious VSCode Extensions Steal Crypto Wallets and Browser Sessions

    Two malicious extensions have been discovered that infect developers' computers with stealer programs on Microsoft's Visual Studio Code marketplace. The malware can take screenshots, steal passwords and cryptocurrency wallets, and...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Windows Cloud Files Mini Filter Vulnerability Under Active Exploitation

    A zero-day vulnerability in the Windows Cloud Files Mini Filter driver (cldflt.sys) is currently being actively exploited. Microsoft has released urgent security updates to address this vulnerability. The vulnerability is...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyberpolitics
    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici - 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are becoming an increasingly popular…

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Redazione RHC - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…