Red Hot Cyber. The Cybersecurity Blog
Featured Articles
Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp’s infrastructure to distribute its Pegasus surveillance software. The case, which has been o...
A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed ...
Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS ...
The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, d...
A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without au...
Louvre Theft: Windows 2000 and Windows XP on Networks, as Well as Simple Passwords
SesameOp: The Malware That Uses OpenAI Assistants for Command and Control
Chinese hackers target European diplomatic agencies (including Italy)
Eight 0-days worth $35 million sold to Russia by US insiders
Trump refuses to export Nvidia chips. China responds: “Don’t worry, we’ll do it ourselves.”
Goodbye, malware! In 2025, criminal hackers will use legitimate accounts to remain invisible.
Louvre Theft: Windows 2000 and Windows XP on Networks, as Well as Simple Passwords
Redazione RHC - November 4th, 2025
As we know, the thieves in the "theft of the century" entered through a second-floor window of the Louvre Museum, but the museum had other problems besides unprotected windows. Although...
SesameOp: The Malware That Uses OpenAI Assistants for Command and Control
Redazione RHC - November 4th, 2025
Microsoft has discovered a new malware, dubbed SesameOp , and published details of how it works . This backdoor was unusual: its creators used the OpenAI Assistants API as a...
Chinese hackers target European diplomatic agencies (including Italy)
Redazione RHC - November 4th, 2025
The China-linked hacker group UNC6384 ( also known as Mustang Panda ) is conducting a large-scale cyberespionage campaign targeting European diplomatic and government agencies. According to Arctic Wolf and StrikeReady...
Eight 0-days worth $35 million sold to Russia by US insiders
Redazione RHC - November 4th, 2025
Former US defense contractor CEO Peter Williams has pleaded guilty to selling " eight sensitive, protected cyber exploits" to Russian zero-day broker Operation Zero. Court documents and a TechCrunch investigation...
Trump refuses to export Nvidia chips. China responds: “Don’t worry, we’ll do it ourselves.”
Redazione RHC - November 4th, 2025
Reuters reported that Trump told reporters during a pre-recorded interview on CBS's "60 Minutes" and on Air Force One during the return flight: "We're not going to let any country...
Goodbye, malware! In 2025, criminal hackers will use legitimate accounts to remain invisible.
Redazione RHC - November 4th, 2025
A FortiGuard report for the first half of 2025 shows that financially motivated attackers are increasingly eschewing sophisticated exploits and malware. Instead , they are using valid accounts and legitimate...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE