Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
TM RedHotCyber 320x100 042514
Crowdstriker 970×120

Red Hot Cyber. The Cybersecurity Blog

Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
Previous Next

Ultime news

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages Cybercrime

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages

ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted...
Redazione RHC - 21 November 2025
Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge Cybercrime

Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge

An employee has pleaded guilty to hacking into his former employer's network and causing nearly $1 million in damages after...
Redazione RHC - 21 November 2025
MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels. Cybercrime

MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international...
Luca Stivali - 21 November 2025
Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk! Cybercrime

Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!

A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the...
Redazione RHC - 21 November 2025
Hundreds of robots on the march: China presents the new generation of humanoids Cybercrime

Hundreds of robots on the march: China presents the new generation of humanoids

Shenzhen -based UBTECH Robotics has publicly demonstrated its new wave of humanoid robots, delivering several hundred of them in a...
Redazione RHC - 21 November 2025
Veeam launches Data Platform v13, redefining the standard for cyber resilience and advanced data protection. innovation

Veeam launches Data Platform v13, redefining the standard for cyber resilience and advanced data protection.

With new capabilities to stay ahead of threats and accelerate recovery with next-generation security, forensic insights and intelligent automation, Veeam...
Redazione RHC - 20 November 2025
« Precedente   Successivo »

Notepad++ under attack! How a fake DLL opens the door to criminal hackers

- November 6th, 2025

A new vulnerability affecting Notepad++ was released in September. The vulnerability has been identified as CVE-2025-56383, and details can be found on the NIST website. CVE-2025-56383 is a DLL hijacking...
Share on Facebook Share on LinkedIn Share on X

Microsoft warns: Security updates cause problems with BitLocker

- November 5th, 2025

Microsoft has issued an urgent warning to Windows operating system users regarding a potential issue that, starting with security updates distributed on October 14, 2025, could cause some devices to...
Share on Facebook Share on LinkedIn Share on X

A dangerous zero-day zero-click exploit threatens billions of Android devices

- November 5th, 2025

Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The Zero Click vulnerability...
Share on Facebook Share on LinkedIn Share on X

Is the era of paywalls over? Smart browsers circumvent them, and controlling them is very difficult

- November 5th, 2025

How can publishers protect themselves from AI-powered "smart" browsers if they look like ordinary users? The emergence of new AI-powered "smart" browsers is challenging traditional methods of protecting online content....
Share on Facebook Share on LinkedIn Share on X

Danger for OneDrive users: Infected DLLs hide in shared files

- November 5th, 2025

Attackers are using an advanced technique involving sideloading DLLs via the Microsoft OneDrive application. This allows them to execute malicious code undetected by security mechanisms. The attack uses a modified...
Share on Facebook Share on LinkedIn Share on X

ArXiv blocks articles generated by AI

- November 5th, 2025

arXiv, one of the most important repositories of scientific preprints , has revealed some disturbing facts following growing concerns in the scientific community regarding the uncontrolled use of generative artificial...
Share on Facebook Share on LinkedIn Share on X

CISA Warns! New Bugs in Gladinet, Control Web Panel, and WordPress Expose Systems

- November 5th, 2025

Two vulnerabilities related to Gladinet and Control Web Panel (CWP) have been added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs), due to...
Share on Facebook Share on LinkedIn Share on X

New bugs in Teams open the door to data theft and social engineering

- November 5th, 2025

Cybersecurity experts have disclosed four vulnerabilities in Microsoft Teams that could have allowed attackers to conduct dangerous social engineering and impersonation attacks against users. Simply put, these loopholes allow you...
Share on Facebook Share on LinkedIn Share on X

OpenAI releases Sora Mobile App on Android, available in multiple countries

- November 5th, 2025

OpenAI has released the Sora mobile app on Android devices. CNBC reported that OpenAI's Sora app is now available for download through the Google Play app store and that the...
Share on Facebook Share on LinkedIn Share on X

Drones at Brussels Airport and Military Bases: Security at Risk

- November 4th, 2025

On Tuesday evening, due to the presence of a drone in the airspace, air traffic controller Skeyes ordered the temporary suspension of flights departing and arriving at Brussels Airport from...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Redazione RHC - 27/12/2025

The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks, criminals are increasingly relying on internal sources— people willing to provide access to company systems…

Immagine del sitoCybercrime
Villager Framework: AI-Powered Penetration Testing Tool
Redazione RHC - 26/12/2025

Straiker’s AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike . The tool, presented as a red team solution , is designed to fully automate…

Immagine del sitoCybercrime
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Redazione RHC - 25/12/2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes “NtKiller,” a supposed “kernel-level” utility designed…

Immagine del sitoCybercrime
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written enough to seem real. This…

Immagine del sitoCybercrime
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…