Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
Linux: A “ghost” kernel bug discovered that had been lurking since 2020!-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Linux: A “ghost” kernel bug discovered that had been lurking since 2020!-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Shocking Discovery on Instagram: Private Posts Accessible Without Login!
Redhotcyber Banner Sito 320x100px Uscita 101125
UtiliaCS 970x120

Red Hot Cyber. The Cybersecurity Blog

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
    Agostino Pellegrino | Vulnerability | 22/01/2026

    A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate p...

    Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
    Agostino Pellegrino | Cyber News | 21/01/2026

    In the Italian and European cybersecurity landscape, few collaborations manage to combine educational vision, technical realism, and community impact as effectively as the partnership announced betwee...

    Precedente Successivo

    Ultime news

    Job Scams on Social Media: How to Avoid Fake Remote Job Offers Cyber News

    Job Scams on Social Media: How to Avoid Fake Remote Job Offers

    Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and...
    Redazione RHC - 29 December 2025
    MongoDB Vulnerability CVE-2025-14847: Critical Memory Disclosure Bug Cyber News

    MongoDB Vulnerability CVE-2025-14847: Critical Memory Disclosure Bug

    As previously reported, a serious vulnerability has been discovered in MongoDB that allows a remote attacker, without authentication, to access...
    Manuel Roccon - 28 December 2025
    UK Boosts Subsea Cable Protection with Autonomous Vessels Cyber News

    UK Boosts Subsea Cable Protection with Autonomous Vessels

    The UK government has announced plans to strengthen the protection of undersea cables using autonomous vessels. Military ships and aircraft...
    Sandro Sana - 28 December 2025
    China’s Humanoid Robot Industry Booms with UBtech’s Walker S2 Cyber News

    China’s Humanoid Robot Industry Booms with UBtech’s Walker S2

    A video, hundreds of humanoid robots, and a reaction that went viral. When UBtech demonstrated its S2 Walkers moving in...
    Redazione RHC - 28 December 2025
    Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats Cyber News

    Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats

    The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks,...
    Agostino Pellegrino - 27 December 2025
    US Data Center Battery Dependency: A Growing Concern for AI and Defense Cyber News

    US Data Center Battery Dependency: A Growing Concern for AI and Defense

    In Northern Virginia, along what has come to be called the “data center corridor,” stand massive, windowless facilities that form...
    Redazione RHC - 27 December 2025
    « Precedente   Successivo »

    Malicious VSCode Extensions Steal Crypto Wallets and Browser Sessions

    Two malicious extensions have been discovered that infect developers' computers with stealer programs on Microsoft's Visual Studio Code marketplace. The malware can take screenshots, steal passwords and cryptocurrency wallets, and...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Windows Cloud Files Mini Filter Vulnerability Under Active Exploitation

    A zero-day vulnerability in the Windows Cloud Files Mini Filter driver (cldflt.sys) is currently being actively exploited. Microsoft has released urgent security updates to address this vulnerability. The vulnerability is...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    The Dark Side of AI: How Technology is Being Used to Control Humans

    Cory Doctorow says it with the clarity of someone who has studied the consequences of digital capitalism for years: AI, as it's sold today, isn't about enhancing humans. It's about...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Gartner Warns: AI-Powered Browsers Pose Significant Security Risks to Businesses

    Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities . In a recent advisory, the company emphasizes that such tools pose unnecessary risks...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Asus Hacked: Everest Ransomware Group Claims Data Breach

    Asus announced that one of its suppliers had been hacked. Meanwhile, the Everest ransomware group claimed to have stolen a terabyte of data from three companies: Asus, Qualcomm, and ArcSoft....

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Fortinet Vulnerability: Critical FortiOS, FortiWeb, FortiProxy, FortiSwitchManager Update

    A critical vulnerability affecting the FortiOS, FortiWeb, FortiProxy , and FortiSwitchManager product lines has been reported by Fortinet via an urgent security advisory. This advisory was issued in connection with...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Cybersecurity Certifications: Boost Your Career with CompTIA Security+

    The cybersecurity landscape in Europe and Italy is rapidly evolving: increasing digitalization, regulations such as GDPR and NIS2, and the exponential increase in cyberattacks make it essential to invest in...

    - December 10th, 2025

    Share on Facebook Share on LinkedIn Share on X

    US Allows Nvidia to Sell Advanced AI Chips to China, Easing Export Restrictions

    It seems the White House isn't entirely clear ... at least judging by yet another change of heart regarding the sale of Nvidia's advanced chips to China, with the Trump...

    - December 9th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Taiwan Cracks Down on Submarine Cable Sabotage with New Laws

    In recent years, Taiwan's underwater infrastructure—electricity cables, gas pipelines, and water systems—has been damaged on several occasions, particularly communications cables. On December 9, the Legislative Yuan passed a third reading...

    - December 9th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Ransomware Attacks Decline in 2024, But Threat Remains High with $734M in Ransom

    According to a recently released report by the Financial Crimes Enforcement Network (FinCEN) , global ransomware activity peaked in 2023, only to plummet in 2024. This decline is attributed to...

    - December 9th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Redazione RHC - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Redazione RHC - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…