Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
Beware of WhatsApp groups: An image can compromise your smartphone.-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-Beware of WhatsApp groups: An image can compromise your smartphone.-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025
Cyber Offensive Fundamentals 320x200 V0.1
TM RedHotCyber 970x120 042543

Red Hot Cyber. The Cybersecurity Blog

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    BlueNoroff: The Hacker Group Revolutionizing Cybercrime
    Marcello Filacchioni | Cyber News | 23/01/2026

    The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Precedente Successivo

    Ultime news

    Phishing Campaigns Exploit File Sharing Services Cyber News

    Phishing Campaigns Exploit File Sharing Services

    Researchers at Check Point, a pioneer and global leader in cybersecurity solutions, have discovered a phishing campaign in which attackers...
    Redazione RHC - 23 December 2025
    RansomHouse Ransomware Upgraded: Enhanced Encryption Threat Cyber News

    RansomHouse Ransomware Upgraded: Enhanced Encryption Threat

    The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks....
    Redazione RHC - 22 December 2025
    Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025 Cyber News

    Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025

    According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This...
    Redazione RHC - 22 December 2025
    MS13-089 Ransomware: Double Extortion Without Encryption Cybercrime

    MS13-089 Ransomware: Double Extortion Without Encryption

    MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without...
    Inva Malaj - 22 December 2025
    San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities Cyber News

    San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities

    A massive power outage in San Francisco has disrupted self-driving vehicle traffic. Waymo self-driving vehicles have been spotted on city...
    Redazione RHC - 22 December 2025
    Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems Cyber News

    Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

    In the past, many users and system administrators have relied on Microsoft's telephone activation service to manage installations in specific...
    Redazione RHC - 22 December 2025
    « Precedente   Successivo »

    Anonymity for Sale: Russian SIM Card Market Thrives Amid Regulations

    Efforts by legislators and law enforcement to combat money laundering and more complex SIM card verification procedures have not significantly weakened the position of anonymous number dealers. This conclusion emerges...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Hackers Compromise 120k IP Cameras for Pornographic Videos

    South Korean police have reported the arrest of four individuals who, presumably independently, compromised over 120,000 IP cameras. According to investigators, at least two of them did so to steal...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

    Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November's Patch Tuesday, despite the company having...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical React Server Vulnerability: Update Now to Prevent RCE Attacks

    Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unauthenticated code with...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical Vulnerability in King Addons for Elementor Exploited

    During the registration process, a critical security flaw (CVE-2025-8489) in the King Addons WordPress Elementor plugin was exploited by attackers, allowing them to gain administrative privileges via a privilege escalation...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Google Discover AI Headlines: Revolutionizing News Feed or Clickbait Nightmare?

    Google is testing AI-generated headlines in its Discover feed, replacing original news headlines with original ones. Sean Hollister, editor-in-chief of The Verge, reported this , noting that short and often...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Storm-0900 Phishing Campaign Spreads XWorm Malware

    Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Windows 10 Still Running on 1 Billion PCs, Upgrade to Windows 11 Urged

    Windows 10 has been officially retired, but it still runs on approximately one billion personal computers worldwide. A significant number of devices are technically ready to upgrade to Windows 11,...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Secure AI Integration in OT Systems: Key Principles and Best Practices

    Since ChatGPT's public release in November 2022, artificial intelligence (AI) has been integrated into many aspects of human society. For owners and operators of critical infrastructure, AI can be used...

    - December 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Aisuru Botnet Unleashes 29.7 Tbps DDoS Attack, Cloudflare Mitigates

    A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than...

    - December 3rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Redazione RHC - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…