Red Hot Cyber. The Cybersecurity Blog
Featured Articles
A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...
The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two ne...
Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vul...
What we wrote in the article ” Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin ” on Red Hot Cyber on July 23rd is now fully consistent with the inf...
Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities . In a recent advisory, the company emphasizes that such tools pose un...
Triofox Antivirus Exploited to Install Remote Access Components
BazarLoader: The precursor malware used by RaaS gangs
Emotet: The horse returns to a gallop more dangerous than ever
Two 0-day attacks, one attack: the perfect strike against Citrix and Cisco. Amazon’s discovery
The Queen of Cryptocurrency Has Been Captured! She Stole $7 Billion in Bitcoin
Cyber Sabotage Alert: Volt Typhoon Prepares for Destructive Activities
Triofox Antivirus Exploited to Install Remote Access Components
Redazione RHC - November 12th, 2025
Google researchers warn that hackers are exploiting a critical vulnerability in Gladinet Triofox to remotely execute code with SYSTEM privileges, bypassing authentication and gaining complete control of the system. The...
BazarLoader: The precursor malware used by RaaS gangs
Redazione RHC - November 12th, 2025
BazarLoader (sometimes referred to as BazaLoader ) is a " precursor malware " that provides initial backdoor access to an infected Windows host. Once a client is infected, criminals use...
Emotet: The horse returns to a gallop more dangerous than ever
Redazione RHC - November 12th, 2025
Emotet is a malware of the Trojan Horse category, which began its first spread in 2014 which brought it to the podium among the main cyber threats of the decade...
Two 0-day attacks, one attack: the perfect strike against Citrix and Cisco. Amazon’s discovery
Redazione RHC - November 12th, 2025
Amazon ha segnalato un complesso attacco informatico in cui gli aggressori hanno sfruttato simultaneamente due vulnerabilità zero-day, presenti nei prodotti Citrix e Cisco. Secondo il responsabile della sicurezza informatica dell'azienda,...
The Queen of Cryptocurrency Has Been Captured! She Stole $7 Billion in Bitcoin
Redazione RHC - November 12th, 2025
A London court has sentenced 47-year-old Chinese woman Zhimin Qian , also known as Yadi Zhang, to 11 years and eight months in prison for laundering bitcoin obtained through the...
Cyber Sabotage Alert: Volt Typhoon Prepares for Destructive Activities
Redazione RHC - November 12th, 2025
The Australian Security Intelligence Organisation (ASIO) has raised the alarm about the readiness of authoritarian states to go beyond cyber espionage to directly sabotage critical infrastructure. Mike Burgess, head of...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE