Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Banner Ransomfeed 320x100 1
Crowdstriker 970×120

Red Hot Cyber. The Cybersecurity Blog

NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Previous Next

Ultime news

IRS.GOV: alleged data breach affects the accounts of 18 million citizens Cybercrime

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular...
Redazione RHC - 12 December 2025
Amnesty International Launches .onion Site for Secure Access to Human Rights Info Cybercrime

Amnesty International Launches .onion Site for Secure Access to Human Rights Info

Amnesty International has launched its own website, accessible via the .onion domain on the Tor network, offering a new secure...
Redazione RHC - 12 December 2025
NANOREMOTE Trojan Uses Google Drive for Command and Control Cybercrime

NANOREMOTE Trojan Uses Google Drive for Command and Control

A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the...
Redazione RHC - 12 December 2025
Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts Cybercrime

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows...
Redazione RHC - 12 December 2025
Linux Foundation Launches Agentic AI Foundation with Key Tech Players Cybercrime

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was...
Redazione RHC - 12 December 2025
Disney Invests $1 Billion in OpenAI for Sora Video Deal Cybercrime

Disney Invests $1 Billion in OpenAI for Sora Video Deal

Disney will invest $1 billion in OpenAI and officially license its characters for use in its Sora video generator. The...
Redazione RHC - 12 December 2025
« Precedente   Successivo »

ATMs targeted! Cybersecurity experts reveal an attack campaign targeting ATMs.

- November 23rd, 2025

Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, which the attackers used...
Share on Facebook Share on LinkedIn Share on X

Google Gemini Improves AI-Generated Image Verification

- November 23rd, 2025

Google has expanded the capabilities of its Gemini artificial intelligence service by adding a tool to the app and web version to check images for signs of automatic generation ....
Share on Facebook Share on LinkedIn Share on X

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

- November 22nd, 2025

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...
Share on Facebook Share on LinkedIn Share on X

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

- November 22nd, 2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...
Share on Facebook Share on LinkedIn Share on X

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

- November 22nd, 2025

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...
Share on Facebook Share on LinkedIn Share on X

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

- November 22nd, 2025

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....
Share on Facebook Share on LinkedIn Share on X

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

- November 22nd, 2025

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...
Share on Facebook Share on LinkedIn Share on X

TamperedChef: Malware via Fake App Installers

- November 21st, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...
Share on Facebook Share on LinkedIn Share on X

Whoever took down Cloudflare during the outage put their infrastructure at risk

- November 21st, 2025

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

- November 21st, 2025

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCyberpolitics
NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
Redazione RHC - 24/01/2026

Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our country has…

Immagine del sitoinnovation
NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
Redazione RHC - 23/01/2026

The question has been circulating for over ten years: can a smartphone really replace a computer? Over time, the industry has repeatedly attempted to provide a concrete answer, without ever reaching a definitive solution. From…

Immagine del sitoCybercrime
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Redazione RHC - 23/01/2026

The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report by Picus Security details the group’s…

Immagine del sitoCybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
Redazione RHC - 23/01/2026

A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The study’s results were published by…

Immagine del sitoCybercrime
MacSync: The macOS malware that empties your wallet… after weeks
Redazione RHC - 23/01/2026

A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed using the ” malware-as-a-service ”…