Contact
Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Home
Heliaca 970x120 1
    Supply Chain Attack: How Notepad++ Was Compromised via CVE-2025-15556
    Manuel Roccon | Cybercrime | 04/02/2026

    In cybersecurity, we often focus on finding complex bugs in source code, ignoring the fact that end-user trust is built on a much simpler foundation: a download link. The Notepad++ incident, now class...

    Microsoft Office under attack: the bug needs to be patched to prevent Russian espionage.
    Bajram Zeqiri | Cyber News | 03/02/2026

    In recent days, APT28 , a well-known Russian-linked hacker group, has intensified its attacks by exploiting a vulnerability in Microsoft Office. The flaw, classified as CVE-2026-21509, was disclosed b...

    Goodbye to NTLM! Microsoft is moving towards a new era of authentication with Kerberos
    Silvia Felici | Cyber News | 01/02/2026

    For over three decades, it has been a silent pillar of the Windows ecosystem. Now, however, NTLM ‘s time seems definitively over. Microsoft has decided to initiate a profound transition that marks the...

    The world’s first humanoid robot store has opened in China. Will we be ready?
    Carolina Vivianti | innovation | 30/01/2026

    At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

    Douglas Engelbart was born today: the man who saw and invented the digital future.
    Massimiliano Brolli | Culture | 30/01/2026

    Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

    WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).
    Silvia Felici | Cyber News | 29/01/2026

    WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

    Beware of “I am not a robot”: the malware trap that uses Google Calendar.
    Bajram Zeqiri | Cybercrime | 29/01/2026

    A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

    A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!
    Bajram Zeqiri | Cybercrime | 28/01/2026

    The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    Precedente Successivo

    Latest news

    Disney Invests $1 Billion in OpenAI for Sora Video Deal Cyber News

    Disney Invests $1 Billion in OpenAI for Sora Video Deal

    Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The...
    Silvia Felici - December 12, 2025
    React Server Components Vulnerability: Update to Prevent DoS Attacks Vulnerability

    React Server Components Vulnerability: Update to Prevent DoS Attacks

    The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability...
    Agostino Pellegrino - December 12, 2025
    Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now Vulnerability

    Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

    An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute...
    Agostino Pellegrino - December 12, 2025
    Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware Cyber News

    Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware

    Notepad++ is often targeted by attackers because the software is popular and widely used. A recently discovered vulnerability in the...
    Redazione RHC - December 11, 2025
    Digital Stress: How to Achieve Balance in a Hyper-Connected World Cybercrime

    Digital Stress: How to Achieve Balance in a Hyper-Connected World

    We live in dissociation: we praise work-life balance, yet we find ourselves constantly online, like puppets on invisible strings. The...
    Daniela Farina - December 11, 2025
    Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks Cyber News

    Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

    What we wrote in the article " Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth...
    Marcello Filacchioni - December 11, 2025
    « Previous   Next »

    The AI market is in crisis: NVIDIA and other tech giants are declining.

    Artificial intelligence has been the biggest trend in recent years, as the stock prices of AI-related tech giants have skyrocketed. NVIDIA has surpassed the $5 trillion market cap, becoming a...

    - November 14th, 2025

    Share on Facebook Share on LinkedIn Share on X

    A bug in ImunifyAV antivirus leads to RCE. 56 million sites at risk.

    A vulnerability has been discovered in the Linux hosting ecosystem : the ImunifyAV malware scanner has been found to be vulnerable to remote code execution (RCE). The issue affects the...

    - November 14th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discovering Remote Code Execution (RCE). The most feared security bug!

    Of all the vulnerabilities, the most feared by victims and the most sought after by attackers is remote code execution, or RCE. This vulnerability allows arbitrary commands to be executed...

    - November 14th, 2025

    Share on Facebook Share on LinkedIn Share on X

    An “autonomous” spy campaign was orchestrated by artificial intelligence

    An analysis conducted in recent months had highlighted how the evolution of artificial intelligence systems was reaching a critical point for cybersecurity, with capabilities doubling in just six months ....

    - November 14th, 2025

    Share on Facebook Share on LinkedIn Share on X

    What is Misevolution: The Autonomous Evolution of AI Agents, and It’s Not Always Good

    Shanghai, November 11, 2025 – A new study conducted by the Shanghai Artificial Intelligence Laboratory , in collaboration with Shanghai Jiao Tong University , Renmin University of China , and...

    - November 13th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Tanks are no longer needed: new wars are fought from a laptop

    Author: Roberto Villani, Tanslate: Vincenzo Marcovecchio Why will the cyberg wars, indeed the cyber-guerrillas, be more and more present and involve us more and more? The short century, the 1900s...

    - November 13th, 2025

    Share on Facebook Share on LinkedIn Share on X

    A 0Day bug for a WordPress plugin sold for 6000 euros in the underground

    On one of Russia's most popular forums for buying and selling vulnerabilities and attack tools, the thread appeared as a standard commercial ad, but the content is anything but trivial....

    - November 13th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Triofox Antivirus Exploited to Install Remote Access Components

    Google researchers warn that hackers are exploiting a critical vulnerability in Gladinet Triofox to remotely execute code with SYSTEM privileges, bypassing authentication and gaining complete control of the system. The...

    - November 13th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Two 0-day attacks, one attack: the perfect strike against Citrix and Cisco. Amazon’s discovery

    Amazon ha segnalato un complesso attacco informatico in cui gli aggressori hanno sfruttato simultaneamente due vulnerabilità zero-day, presenti nei prodotti Citrix e Cisco. Secondo il responsabile della sicurezza informatica dell'azienda,...

    - November 13th, 2025

    Share on Facebook Share on LinkedIn Share on X

    The Queen of Cryptocurrency Has Been Captured! She Stole $7 Billion in Bitcoin

    A London court has sentenced 47-year-old Chinese woman Zhimin Qian , also known as Yadi Zhang, to 11 years and eight months in prison for laundering bitcoin obtained through the...

    - November 13th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE