Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Red Hot Cyber Academy

Red Hot Cyber. The Cybersecurity Blog

- July 11th, 2025 - (Posted in Cybercrime and Darknet)
A critical double-free vulnerability has been discovered in the pipapo set module of the NFT subsystem of the Linux kernel. An unprivileged attacker can exploit this vulnerability by sending a specially crafted netlink message, triggering a double-free with high stability fault. An attacker can leverage kernel exploit techniques to achieve...

KillSec Announces New Ransomware-as-a-Service (RaaS) Platform

June 25, 2024 – KillSec, a well-known hacktivist group, has announced the launch of their latest offering on their Telegram channel: KillSec RaaS (Ransomware-as-a-Service). This new platform promises to enhance the capabilities of aspiring cybercriminals by providing advanced tools and

UNZIPPED DATA – LEVI STRAUSS COMPROMISED ACCOUNTS

The legendary Jeans retailer Levi Strauss & Co. identified a significant data breach that affected over 72,000 customers. The incident was discovered on June 13th, 2024 and it was the result of a credential stuffing attack, where attackers used combination

lockbit

LockBit: The Bluff of Double Extortion Against the Federal Reserve

In recent years, the cybersecurity landscape has been dominated by the growing threat posed by ransomware groups. Among these, LockBit has emerged as one of the most notorious and feared. However, a recent event has called their credibility into question:

Xehook Stealer: The Rise and Sale of a Formidable Stealer Malware

Introduction Xehook Stealer is a sophisticated malware targeting Windows operating systems, first discovered in January 2024. Within a year, Xehook has rapidly gained notoriety for its advanced data collection capabilities and support for over 110 cryptocurrencies and 2FA extensions. Starting

DataLeak Microsoft: 4GB of Microsoft PlayReady Code Made Public!

On June 11, a Microsoft engineer inadvertently made 4GB of internal code related to Microsoft PlayReady public. The information leak occurred on the Microsoft Developer Community, a forum dedicated to developers. Details of the Information Leak The leaked material included:

Linux Kernel UAF 0-day Vulnerability on sale in the Dark Web 

Recently, a security alert shaked the infosec environment: A malicious actor has announced the sale of Use After Free (UAF) 0-day vulnerability affecting the Linux Kernel on the well-known darknet forum BreachForum. The vulnerabilit permits high privileges code execution to

The Ransomware Group Ransomexx Claims Attack on Liteon

- July 26th, 2024

On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the...

  

A Threat Actors Posts Update on Luxottica’s 2021 Data Breach

- July 25th, 2024

Recently, a threat actor in a clandestine forum posted an update on the 2021 data breach concerning the giant Luxottica, one of the world's largest eyewear companies. According to the...

  

The dark side of the Windows Command Prompt: how malicious commands can replace legitimate ones

- July 25th, 2024

If you choose to read this article, please note that it will not discuss a vulnerability or a bug, but rather an intended behavior of Windows Command Prompt which, in...

  

RHC interviews RADAR and DISPOSSESSOR: “When it comes to security, the best defense is a good offense.”

- July 25th, 2024

In our usual underground analysis activities, we came into contact with the cyber gang DISPOSSESSOR, which came to attention in February 2024 in the cyber threat landscape. Accessing their Data...

  

Sign up for the newsletter