Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Enterprise BusinessLog 320x200 1
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Instagram Data Leak Exposes 17.5 Million Users on Dark Web
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Previous Next

Ultime news

Ransomware Attacks Decline in 2024, But Threat Remains High with $734M in Ransom Cybercrime

Ransomware Attacks Decline in 2024, But Threat Remains High with $734M in Ransom

According to a recently released report by the Financial Crimes Enforcement Network (FinCEN) , global ransomware activity peaked in 2023,...
Redazione RHC - 9 December 2025
Embracing Vulnerability for Authentic Leadership and Team Growth Cybercrime

Embracing Vulnerability for Authentic Leadership and Team Growth

We're connected, connected to everything, hyperconnected. Our professional and social lives are dictated by extremely tight deadlines and a constantly...
Daniela Linda - 9 December 2025
CISA Warns: Avoid Personal VPNs for Secure Mobile Communications Cybercrime

CISA Warns: Avoid Personal VPNs for Secure Mobile Communications

In new mobile communications advisories, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stern warning to smartphone...
Redazione RHC - 9 December 2025
SAP Security Update Fixes Critical Code Injection Vulnerability in Solution Manager Cybercrime

SAP Security Update Fixes Critical Code Injection Vulnerability in Solution Manager

SAP has just released its latest annual security update, which contains 14 new security bug fixes. Among them is a...
Redazione RHC - 9 December 2025
Passwordless Authentication: The Future of Secure Online Access Cybercrime

Passwordless Authentication: The Future of Secure Online Access

Using passwords to access online accounts is no longer as secure as it once was. In fact, passwords are now...
Redazione RHC - 9 December 2025
Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines Cybercrime

Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines

A critical vulnerability, identified as "PromptPwnd," affects AI agents that are integrated into the GitLab CI/CD and GitHub Actions pipelines....
Redazione RHC - 9 December 2025
« Precedente   Successivo »

Microsoft Blocks KMS38 Activation Method for Windows 10 and 11

- November 23rd, 2025

Users noticed that last week Microsoft developers disabled the offline activation method for Windows 11 and 10 via KMS38, which has been used by hackers around the world for years....
Share on Facebook Share on LinkedIn Share on X

Future prospects for computer science and technology graduates

- November 23rd, 2025

Artificial intelligence is changing the way recent computer science graduates approach the world of work. It's not about sudden job disappearances , but rather a transformation of entry-level roles in...
Share on Facebook Share on LinkedIn Share on X

ATMs targeted! Cybersecurity experts reveal an attack campaign targeting ATMs.

- November 23rd, 2025

Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, which the attackers used...
Share on Facebook Share on LinkedIn Share on X

Google Gemini Improves AI-Generated Image Verification

- November 23rd, 2025

Google has expanded the capabilities of its Gemini artificial intelligence service by adding a tool to the app and web version to check images for signs of automatic generation ....
Share on Facebook Share on LinkedIn Share on X

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

- November 22nd, 2025

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...
Share on Facebook Share on LinkedIn Share on X

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

- November 22nd, 2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...
Share on Facebook Share on LinkedIn Share on X

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

- November 22nd, 2025

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...
Share on Facebook Share on LinkedIn Share on X

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

- November 22nd, 2025

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....
Share on Facebook Share on LinkedIn Share on X

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

- November 22nd, 2025

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...
Share on Facebook Share on LinkedIn Share on X

TamperedChef: Malware via Fake App Installers

- November 21st, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Instagram Data Leak Exposes 17.5 Million Users on Dark Web
Redazione RHC - 10/01/2026

A massive digital archive containing the private information of approximately 17.5 million Instagram users appears to have fallen into the hands of cybercriminals. A few hours ago, the alarm was raised after several Reddit users…

Immagine del sitoCybercrime
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sitoCybercrime
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sitoCybercrime
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…