Red Hot Cyber – News and insights on cybercrime and cybersecurity

The world’s first humanoid robot store has opened in China. Will we be ready?

Carolina Vivianti | innovation | 30/01/2026

At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

Douglas Engelbart was born today: the man who saw and invented the digital future.

Massimiliano Brolli | Culture | 30/01/2026

Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).

Silvia Felici | Cyber News | 29/01/2026

WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

Beware of “I am not a robot”: the malware trap that uses Google Calendar.

Bajram Zeqiri | Cybercrime | 29/01/2026

A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!

Bajram Zeqiri | Cybercrime | 28/01/2026

The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027

Silvia Felici | Cyberpolitics | 28/01/2026

This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office

Pietro Melillo | Cyber News | 27/01/2026

Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

When Malware Hides in Videos! The PixelCode Technique Breaks the Rules

Marcello Filacchioni | Cybercrime | 26/01/2026

PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.

Manuel Roccon | Cyber News | 25/01/2026

The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

“I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace

Agostino Pellegrino | Cyber News | 25/01/2026

The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

Latest news

Cybercrime

Women in Cybersecurity: Breaking Down Barriers and Stereotypes

The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on...

Ada Spinelli - December 15, 2025

Cybercrime

Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks

A well-known initial access broker (IAB) called " Storm-0249 " has changed its operational strategies, using phishing campaigns as well...

Pietro Melillo - December 15, 2025

Cyber News

VS Code Extensions Infected with Sophisticated Malware via Typosquatting

A sophisticated malware campaign has been detected within the Visual Studio Code (VS Code) marketplace. Researchers at ReversingLabs (RL) have...

Massimiliano Brolli - December 15, 2025

Vulnerability

NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities

NVIDIA has released a significant security update for its Merlin framework, addressing several high-severity vulnerabilities. These vulnerabilities could allow attackers...

Agostino Pellegrino - December 15, 2025

Cyber News

How Profanity Varies Across Social Media and Cultures

Americans are the most likely to swear on social media, but Australians are more creative in their use of the...

Redazione RHC - December 15, 2025

Cyber News

GhostFrame Phishing Kit: New Stealthy PhaaS Threat Emerges

Barracuda has released details of a new stealthy, evasive phishing-as-a-service (PhaaS) kit that hides malicious content within web page iframes...

Silvia Felici - December 14, 2025

« Previous Next »

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...

TamperedChef: Malware via Fake App Installers

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...

Whoever took down Cloudflare during the outage put their infrastructure at risk

A major outage in Cloudflare's infrastructure has unexpectedly tested the robustness of the cloud and its security systems for many businesses. On November 18, service outages caused websites around the...

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...

Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS v3.1...

Sturnus, the banking Trojan that intercepts WhatsApp, Telegram, and Signal messages

ThreatFabric specialists have discovered a new banking Trojan, Sturnus . The malware is capable of intercepting messages from end-to-end encrypted messaging apps (Signal, WhatsApp, Telegram) and gaining full control over...

Disloyal Employees: Fired, Returns to Work, and Resets 2,500 Passwords Without the Company’s Knowledge

An employee has pleaded guilty to hacking into his former employer's network and causing nearly $1 million in damages after being fired. According to the indictment, 35-year-old Maxwell Schultz, who...

MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, deliberate leaks, and operational collapses. After years dominated...

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE