Red Hot Cyber. The Cybersecurity Blog
Cambridge University Press & Assessment Ends Up in the DLS of INC Ransomware
In a recent cyberattack, the cybercriminal group known as “INC Ransomware” declared that they had breached the systems of Cambridge University Press & Assessment, employing a double extortion strategy. This tactic, increasingly common among ransomware groups, involves the theft and
Identified a POC for the CVE-2024-34102 Vulnerability in Magento / Adobe Commerce
Recently, a Proof of Concept (POC) for a vulnerability identified as CVE-2024-34102, which affects the Magento and Adobe Commerce e-commerce platforms, has been found online. This vulnerability, detected by security experts from Assetnote, represents a significant threat as it allows
Cyberpunk 2077: Source Code Stolen?
A malicious actor has claimed to have obtained access to the complete source code of Cyberpunk 2077, the famous role-playing game developed by CD Projekt Red. If confirmed, this claim could have devastating consequences for the company and the entire
Natohub claims attack on NATO’s COI. Potential data loss of 362 members
A malicious actor released sensitive data (presumably) belonging to COI Cooperation Portal, a sharing and collaborative environmente for non classified NATO documents. This comprehensive portal is dedicated to supporting NATO organizations, nations, and partners, along with public administrations and industries
Potential Data Breach Hits Traderie: Roblox Trading Platform
In a concerning turn of events for the online trading community, a threat actor under the pseudonym “victim” has claimed responsibility for leaking a substantial database from Traderie, a popular trading platform for Roblox. The announcement was made on the
Alleged Leak of the 2020 Israeli Voter Database
In a significant and concerning development, an individual using the alias “mrwan” has allegedly leaked the 2020 Israeli voter database. The personal data of all 6.5 million Israeli voters has been exposed, causing serious privacy and security concerns. Details of
PoC Released for SQL Injection Without Authentication on WordPress WZone Plugin
Pietro Melillo - July 19th, 2024
A proof of concept (PoC) for a critical vulnerability identified as CVE-2024-33544 has recently been released. This vulnerability involves an unauthenticated SQL injection, which poses a serious threat to the...
Threat Actor IntelBroker Exposes Rapid4Cloud Data on Breach Forums
Pietro Melillo - July 18th, 2024
In the world of cybersecurity, news of data breaches is commonplace. Recently, a new alleged breach has made waves: the moderator of BreachForums, known as IntelBroker, has claimed to have...
Sale of a 0Day RCE Exploit for GLPI HelpDesk
Pietro Melillo - July 18th, 2024
Recently, a user on the Breachforums known as "cisc0" posted an announcement regarding the sale of a 0Day exploit for GLPI HelpDesk. According to the user, this exploit works on...
Play Ransomware Claims Attack on MIPS Technologies
Pietro Melillo - July 18th, 2024
In the last few hours, the Data Leak site of the ransomware gang Play Ransomware has published a new claim: the giant MIPS Technologies (www.mips.com) has been the victim of...
Sign up for the newsletter