Red Hot Cyber. The Cybersecurity Blog

Xehook Stealer: The Rise and Sale of a Formidable Stealer Malware
Introduction: Xehook Stealer is a sophisticated malware targeting Windows operating systems, first discovered in January 2024. Within a year, Xehook has rapidly gained notoriety for its advanced data collection capabilities and support for over 110 cryptocurrencies and 2FA extensions. Starting

DataLeak Microsoft: 4GB of Microsoft PlayReady Code Made Public!
On June 11, a Microsoft engineer inadvertently made 4GB of internal code related to Microsoft PlayReady public. The information leak occurred on the Microsoft Developer Community, a forum dedicated to developers. Details of the Information Leak: The leaked material included:

Linux Kernel UAF 0-day Vulnerability on sale in the Dark Web
Recently, a security alert shook the infosec environment: a malicious actor has announced the sale of a Use After Free (UAF) 0-day vulnerability affecting the Linux Kernel on the well-known darknet forum BreachForum. The vulnerability permits high-privilege code execution to

WordPress: Five Plugins Found with Malicious Code
On June 24, 2024, Wordfence revealed a supply chain attack on WordPress plugins, leading to the compromise of five plugins with malicious code. The affected plugins are: The malicious code aimed to create a new admin user and inject SEO

Julian Assange Free! Freedom Reclaimed After Five Years of Detention
London, June 25, 2024 – Julian Assange, the founder of WikiLeaks, was released yesterday from the maximum-security Belmarsh prison after spending 1901 days in detention. The news was announced by WikiLeaks on the social media platform X, confirming that Assange

BlackByte: The Return of the Gang after a few months of inactivity
In recent years, the cybersecurity landscape has been marked by ongoing ransomware attacks, with criminal groups constantly evolving to evade defenses. One such group, known as BlackByte, recently returned to action after months of inactivity, reviving its double extortion strategy and

Sale of a 0Day RCE Exploit for GLPI HelpDesk
Pietro Melillo - July 18th, 2024
Recently, a user on Breachforums known as "cisc0" posted an announcement regarding the sale of a 0Day exploit for GLPI HelpDesk. According to the user, this exploit works on...

Play Ransomware Claims Attack on MIPS Technologies
Pietro Melillo - July 18th, 2024
In the last few hours, the Data Leak site of the ransomware gang Play Ransomware has published a new claim: the giant MIPS Technologies (www.mips.com) has been the victim of...

Data Breach: Personal Information of 6K NATO Employees for Sale
Pietro Melillo - July 18th, 2024
On July 17, 2024, user Vadimblyaa posted on a well-known cybercriminal forum, claiming to possess personal information of 6,000 NATO employees, acquired through a data breach that occurred on July...

Alleged Cyber Attack on Sheba Medical Center: Israel’s Largest Hospital
Pietro Melillo - July 16th, 2024
The Sheba Medical Center, the largest hospital in Israel and ranked ninth in the world, has recently fallen victim to an alleged data breach. A pro-Palestinian hacker group known as...