Red Hot Cyber. The Cybersecurity Blog
Featured Articles
The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland will be the ...
An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym “Frenshyny,” clai...
A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...
The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two ne...
Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vul...
Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages
Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge
MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.
Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!
Hundreds of robots on the march: China presents the new generation of humanoids
Veeam launches Data Platform v13, redefining the standard for cyber resilience and advanced data protection.
Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages
Redazione RHC - November 20th, 2025
ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted messaging apps (Signal, WhatsApp, Telegram) and gaining full control over...
Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge
Redazione RHC - November 20th, 2025
An employee has pleaded guilty to hacking into his former employer's network and causing nearly $1 million in damages after being fired. According to the indictment, 35-year-old Maxwell Schultz, who...
MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.
Luca Stivali - November 20th, 2025
The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, deliberate leaks, and operational collapses. After years dominated...
Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!
Redazione RHC - November 20th, 2025
A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without authentication....
Hundreds of robots on the march: China presents the new generation of humanoids
Redazione RHC - November 20th, 2025
Shenzhen -based UBTECH Robotics has publicly demonstrated its new wave of humanoid robots, delivering several hundred of them in a single shipment. The announcement was accompanied by a video that...
Veeam launches Data Platform v13, redefining the standard for cyber resilience and advanced data protection.
Redazione RHC - November 19th, 2025
With new capabilities to stay ahead of threats and accelerate recovery with next-generation security, forensic insights and intelligent automation, Veeam also launches the Universal Hypervisor Integration API, a flexible integration...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE