Red Hot Cyber. The Cybersecurity Blog
Featured Articles
A recent study by SentinelLabs sheds new light on the roots of the hacker group known as “Salt Typhoon ,” which carried out one of the most audacious espionage operations of the past decade. First...
Shannon acts as a penetration tester who doesn’t just report vulnerabilities, but launches actual exploits. Shannon’s goal is to breach your web application’s security before anyone with malicio...
The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on the other end of the call. You sit down, look around, and realize that, once a...
A well-known initial access broker (IAB) called ” Storm-0249 ” has changed its operational strategies, using phishing campaigns as well as highly targeted attacks, which exploit the very security ...
A tool has been released that allows for the discreet monitoring of WhatsApp and Signal user activity using just a phone number. The tracking mechanism covers over three billion accounts and allows fo...
CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers
Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026
Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks
TamperedChef: Malware via Fake App Installers
Whoever took down Cloudflare during the outage put their infrastructure at risk
Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated
CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers
Redazione RHC - November 21st, 2025
In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...
Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026
Redazione RHC - November 21st, 2025
Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....
Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks
Redazione RHC - November 21st, 2025
Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...
TamperedChef: Malware via Fake App Installers
Redazione RHC - November 20th, 2025
The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...
Whoever took down Cloudflare during the outage put their infrastructure at risk
Redazione RHC - November 20th, 2025
A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...
Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated
Redazione RHC - November 20th, 2025
An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE