Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
TM RedHotCyber 320x100 042514
HackTheBox 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Previous Next

Ultime news

TikTok Accused of Illegally Tracking Users’ Data Across Apps Cybercrime

TikTok Accused of Illegally Tracking Users’ Data Across Apps

The popular video app TikTok has found itself at the center of a new scandal over violations of European data...
Redazione RHC - 21 December 2025
Naftali Bennett Telegram Account Hacked in Israel Politics Cybercrime

Naftali Bennett Telegram Account Hacked in Israel Politics

Former Israeli Prime Minister Naftali Bennett has admitted that his Telegram account was hacked, although his device was not compromised....
Redazione RHC - 21 December 2025
Cisco Secure Email Gateway Vulnerability Exploited: Act Now Cybercrime

Cisco Secure Email Gateway Vulnerability Exploited: Act Now

A critical zero-day flaw in Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices is causing concern...
Redazione RHC - 21 December 2025
Airbus Eyes Sovereign Cloud to Mitigate US Data Risks Cybercrime

Airbus Eyes Sovereign Cloud to Mitigate US Data Risks

In recent months, a question has been emerging with increasing insistence on European corporate boards: is the US cloud really...
Redazione RHC - 21 December 2025
North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector Cybercrime

North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector

In 2025, North Korean hackers stole a record $2 billion in cryptocurrency , 51% more than the previous year. However,...
Redazione RHC - 21 December 2025
Kimwolf Botnet: The Rising Threat of DDoS Attacks on IoT Devices Cybercrime

Kimwolf Botnet: The Rising Threat of DDoS Attacks on IoT Devices

A new and formidable enemy has emerged in the cyber threat landscape: Kimwolf, a fearsome DDoS botnet, is having a...
Redazione RHC - 20 December 2025
« Precedente   Successivo »

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

- December 5th, 2025

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on...
Share on Facebook Share on LinkedIn Share on X

Apache HTTP Server Update Fixes Critical Security Vulnerabilities

- December 5th, 2025

The Apache Software Foundation has released a significant update for its popular Apache HTTP Server , addressing a total of five separate security vulnerabilities. Administrators are recommended to apply this...
Share on Facebook Share on LinkedIn Share on X

Cyber Insurance: Why Basic Hygiene Matters

- December 5th, 2025

Cyber insurance has become a topic of discussion on management committees. It's no longer an add-on, but rather an essential consideration in corporate risk management. Yet many companies rely on...
Share on Facebook Share on LinkedIn Share on X

Meta AI WhatsApp Investigation

- December 5th, 2025

Nine months after its implementation in Europe, Meta’s conversational artificial intelligence (AI) tool, integrated directly into WhatsApp, will be investigated by the European Commission . Two officials from the Brussels...
Share on Facebook Share on LinkedIn Share on X

Gulf States’ Digital Transformation: A New Era of Innovation and Security

- December 5th, 2025

It is a time of great geopolitical changes in the Gulf. It has been evident for some time that the dynamics between the major Middle Eastern players are indeed undergoing...
Share on Facebook Share on LinkedIn Share on X

Neurodivergence in Cybersecurity: A Hidden Competitive Advantage

- December 5th, 2025

Personal growth manuals sell hyperfocus as the secret to success. Routines as the key to productivity. Stepping out of your comfort zone as a universal panacea. But Jeff Bezos (...
Share on Facebook Share on LinkedIn Share on X

Leroy Merlin Cyberattack Exposes Personal Data of French Customers

- December 4th, 2025

A cyberattack has affected Leroy Merlin, involving the personal data of numerous customers in France, impacting hundreds of thousands of individuals. Leroy Merlin assures that "additional security measures have been...
Share on Facebook Share on LinkedIn Share on X

Anonymity for Sale: Russian SIM Card Market Thrives Amid Regulations

- December 4th, 2025

Efforts by legislators and law enforcement to combat money laundering and more complex SIM card verification procedures have not significantly weakened the position of anonymous number dealers. This conclusion emerges...
Share on Facebook Share on LinkedIn Share on X

Hackers Compromise 120k IP Cameras for Pornographic Videos

- December 4th, 2025

South Korean police have reported the arrest of four individuals who, presumably independently, compromised over 120,000 IP cameras. According to investigators, at least two of them did so to steal...
Share on Facebook Share on LinkedIn Share on X

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

- December 4th, 2025

Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November's Patch Tuesday, despite the company having...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…

Immagine del sitoCybercrime
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
Redazione RHC - 22/01/2026

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middle East, and Central America.…

Immagine del sitoCybercrime
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Redazione RHC - 22/01/2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the malicious actor has now expanded…

Immagine del sitoCybercrime
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Redazione RHC - 22/01/2026

Attackers are exploiting a previously patched critical FortiGate authentication flaw (CVE-2025-59718) through a patch bypass method to breach protected firewalls, as Fortinet customers are experiencing. Fortinet reportedly plans to soon release FortiOS versions 7.4.11, 7.6.6,…

Immagine del sitoCybercrime
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Redazione RHC - 22/01/2026

A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate patching, and its Product Security Incident Response…