Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Banner Mobile
Banner Ancharia Desktop 1 1

Red Hot Cyber. The Cybersecurity Blog

Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Previous Next

Ultime news

React Server Components Vulnerability: Update to Prevent DoS Attacks Cybercrime

React Server Components Vulnerability: Update to Prevent DoS Attacks

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability...
Redazione RHC - 12 December 2025
Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now Cybercrime

Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute...
Redazione RHC - 12 December 2025
Telegram Losing Ground to Crackdown on Cybercrime Activities Cybercrime

Telegram Losing Ground to Crackdown on Cybercrime Activities

Telegram, which over the course of its history has become one of the most popular messaging apps in the world,...
Redazione RHC - 12 December 2025
Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware Cybercrime

Notepad++ Vulnerability Fixed: Update to 8.8.9 to Avoid Malware

Notepad++ is often targeted by attackers because the software is popular and widely used. A recently discovered vulnerability in the...
Redazione RHC - 11 December 2025
NetSupport RAT Malware Campaign Uncovered: Expert Analysis Cybercrime

NetSupport RAT Malware Campaign Uncovered: Expert Analysis

Securonix specialists have discovered a multi-layered malware campaign aimed at secretly installing the NetSupport RAT remote access tool . The...
Redazione RHC - 11 December 2025
Digital Stress: How to Achieve Balance in a Hyper-Connected World Cybercrime

Digital Stress: How to Achieve Balance in a Hyper-Connected World

We live in dissociation: we praise work-life balance, yet we find ourselves constantly online, like puppets on invisible strings. The...
Daniela Farina - 11 December 2025
« Precedente   Successivo »

TamperedChef: Malware via Fake App Installers

- November 21st, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...
Share on Facebook Share on LinkedIn Share on X

Whoever took down Cloudflare during the outage put their infrastructure at risk

- November 21st, 2025

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

- November 21st, 2025

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...
Share on Facebook Share on LinkedIn Share on X

Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8

- November 21st, 2025

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS v3.1...
Share on Facebook Share on LinkedIn Share on X

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages

- November 21st, 2025

ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted messaging apps (Signal, WhatsApp, Telegram) and gaining full control over...
Share on Facebook Share on LinkedIn Share on X

Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge

- November 21st, 2025

An employee has pleaded guilty to hacking into his former employer's network and causing nearly $1 million in damages after being fired. According to the indictment, 35-year-old Maxwell Schultz, who...
Share on Facebook Share on LinkedIn Share on X

MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.

- November 21st, 2025

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, deliberate leaks, and operational collapses. After years dominated...
Share on Facebook Share on LinkedIn Share on X

Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!

- November 21st, 2025

A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without authentication....
Share on Facebook Share on LinkedIn Share on X

Hundreds of robots on the march: China presents the new generation of humanoids

- November 21st, 2025

Shenzhen -based UBTECH Robotics has publicly demonstrated its new wave of humanoid robots, delivering several hundred of them in a single shipment. The announcement was accompanied by a video that...
Share on Facebook Share on LinkedIn Share on X

Veeam launches Data Platform v13, redefining the standard for cyber resilience and advanced data protection.

- November 20th, 2025

With new capabilities to stay ahead of threats and accelerate recovery with next-generation security, forensic insights and intelligent automation, Veeam also launches the Universal Hypervisor Integration API, a flexible integration...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
Redazione RHC - 23/01/2026

A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The study’s results were published by…

Immagine del sitoCybercrime
MacSync: The macOS malware that empties your wallet… after weeks
Redazione RHC - 23/01/2026

A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed using the ” malware-as-a-service ”…

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…

Immagine del sitoCybercrime
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
Redazione RHC - 22/01/2026

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middle East, and Central America.…

Immagine del sitoCybercrime
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Redazione RHC - 22/01/2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the malicious actor has now expanded…