Welcome to Red Hot Cyber | Cybersecurity News
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Banner Mobile
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Previous Next

Featured Articles

Immagine del sito
Kali Linux 2025.4: Discover the Power of Wayland and Enhanced Security Tools
Di Redazione RHC - 12/12/2025

The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland will be the ...

Immagine del sito
IRS.GOV: alleged data breach affects the accounts of 18 million citizens
Di Redazione RHC - 12/12/2025

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym “Frenshyny,” clai...

Immagine del sito
Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat
Di Redazione RHC - 12/12/2025

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...

Immagine del sito
React Server Components Vulnerability: Update to Prevent DoS Attacks
Di Redazione RHC - 12/12/2025

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two ne...

Immagine del sito
DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass
Di Redazione RHC - 11/12/2025

Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vul...

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of f...
Redazione RHC - 22/11/2025 - 08:39

TamperedChef: Malware via Fake App Installers

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake inst...
Redazione RHC - 21/11/2025 - 19:20

Whoever took down Cloudflare during the outage put their infrastructure at risk

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On Nov...
Redazione RHC - 21/11/2025 - 17:20

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections ...
Redazione RHC - 21/11/2025 - 17:11

Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal...
Redazione RHC - 21/11/2025 - 16:44

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages

ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted mes...
Redazione RHC - 21/11/2025 - 10:23
1 27 28 29 30 31 278

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

- November 21st, 2025

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...

Facebook Linkedin X

TamperedChef: Malware via Fake App Installers

- November 20th, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...

Facebook Linkedin X

Whoever took down Cloudflare during the outage put their infrastructure at risk

- November 20th, 2025

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...

Facebook Linkedin X

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

- November 20th, 2025

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...

Facebook Linkedin X

Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8

- November 20th, 2025

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS v3.1...

Facebook Linkedin X

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages

- November 20th, 2025

ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted messaging apps (Signal, WhatsApp, Telegram) and gaining full control over...

Facebook Linkedin X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE