Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
UtiliaCS 320x100
Banner Desktop

Red Hot Cyber. The Cybersecurity Blog

ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks
Your paycheck is zero! Congratulations, someone answered the phone wrong
Two Ukrainians Suspected in Black Basta Ransomware Attacks
Gootloader Malware Returns with Enhanced Evasion Techniques
VoidLink Malware: Advanced Linux Framework Targets Cloud Infrastructures
Microsoft Copilot Vulnerability Exposes User Data to Hackers
Progress Software Patches LoadMaster, MOVEit WAF Vulnerabilities
Previous Next

Ultime news

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182 Cybercrime

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182

In 2025, the IT and security communities are buzzing with excitement over a single name: " React2Shell ." With the...
Redazione RHC - 5 December 2025
Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed Cybercrime

Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed

Cloudflare is back in the spotlight after a new wave of outages that, on December 5, 2025, is affecting several...
Redazione RHC - 5 December 2025
Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks Cybercrime

Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks

Chinese cyber spies have been lurking in the networks of critical organizations for years, infecting infrastructure with sophisticated malware and...
Redazione RHC - 5 December 2025
Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387 Cybercrime

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and...
Redazione RHC - 5 December 2025
Apache HTTP Server Update Fixes Critical Security Vulnerabilities Cybercrime

Apache HTTP Server Update Fixes Critical Security Vulnerabilities

The Apache Software Foundation has released a significant update for its popular Apache HTTP Server , addressing a total of...
Redazione RHC - 5 December 2025
Cyber Insurance: Why Basic Hygiene Matters Cybercrime

Cyber Insurance: Why Basic Hygiene Matters

Cyber insurance has become a topic of discussion on management committees. It's no longer an add-on, but rather an essential...
Redazione RHC - 5 December 2025
« Precedente   Successivo »

A 0-day exploit on FortiWeb WAF is actively exploited! And remove the Admin interfaces from the Internet

- November 14th, 2025

Attackers are actively exploiting a critical flaw in Fortinet’s FortiWeb web application protection (WAF) system, which could be used as a means to conduct zero-day attacks without prior detection. As...
Share on Facebook Share on LinkedIn Share on X

VLC and its creator receive award for choosing freedom over millions of dollars

- November 13th, 2025

Whenever you come across an unknown media file or a strange link that won't open with any standard application, there's always one program that comes to the rescue: VLC ....
Share on Facebook Share on LinkedIn Share on X

What is Misevolution: The Autonomous Evolution of AI Agents, and It’s Not Always Good

- November 13th, 2025

Shanghai, November 11, 2025 – A new study conducted by the Shanghai Artificial Intelligence Laboratory , in collaboration with Shanghai Jiao Tong University , Renmin University of China , and...
Share on Facebook Share on LinkedIn Share on X

Tanks are no longer needed: new wars are fought from a laptop

- November 13th, 2025

Author: Roberto Villani, Tanslate: Vincenzo Marcovecchio Why will the cyberg wars, indeed the cyber-guerrillas, be more and more present and involve us more and more? The short century, the 1900s...
Share on Facebook Share on LinkedIn Share on X

A 0Day bug for a WordPress plugin sold for 6000 euros in the underground

- November 13th, 2025

On one of Russia's most popular forums for buying and selling vulnerabilities and attack tools, the thread appeared as a standard commercial ad, but the content is anything but trivial....
Share on Facebook Share on LinkedIn Share on X

Can a cyber attack reduce a country’s GDP? In the UK, it seems so!

- November 13th, 2025

The British economy contracted further in September, largely due to the cyber attack on car manufacturer Jaguar Land Rover (JLR) and its forced closure. A new report from the Office...
Share on Facebook Share on LinkedIn Share on X

Triofox Antivirus Exploited to Install Remote Access Components

- November 13th, 2025

Google researchers warn that hackers are exploiting a critical vulnerability in Gladinet Triofox to remotely execute code with SYSTEM privileges, bypassing authentication and gaining complete control of the system. The...
Share on Facebook Share on LinkedIn Share on X

BazarLoader: The precursor malware used by RaaS gangs

- November 13th, 2025

BazarLoader (sometimes referred to as BazaLoader ) is a " precursor malware " that provides initial backdoor access to an infected Windows host. Once a client is infected, criminals use...
Share on Facebook Share on LinkedIn Share on X

Emotet: The horse returns to a gallop more dangerous than ever

- November 13th, 2025

Emotet is a malware of the Trojan Horse category, which began its first spread in 2014 which brought it to the podium among the main cyber threats of the decade...
Share on Facebook Share on LinkedIn Share on X

Two 0-day attacks, one attack: the perfect strike against Citrix and Cisco. Amazon’s discovery

- November 13th, 2025

Amazon ha segnalato un complesso attacco informatico in cui gli aggressori hanno sfruttato simultaneamente due vulnerabilità zero-day, presenti nei prodotti Citrix e Cisco. Secondo il responsabile della sicurezza informatica dell'azienda,...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Redazione RHC - 20/01/2026

A group of attackers is using a zero-day exploit toolkit to compromise VMware ESXi instances in an uncontrolled manner, taking advantage of multiple vulnerabilities to bypass virtual machine restrictions. The current incident highlights the ongoing…

Immagine del sitoCybercrime
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Redazione RHC - 19/01/2026

Researchers from the Cybersecurity and Industrial Cryptography team at KU Leuven have discovered a critical flaw in the Google Fast Pair protocol. The vulnerability allows attackers to hijack control of millions of Bluetooth devices, track…

Immagine del sitoCybercrime
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Redazione RHC - 19/01/2026

Elon Musk has filed a staggering $134 billion in damages in a malicious lawsuit against OpenAI and Microsoft. According to Bloomberg , the latest lawsuit accuses OpenAI of betraying its core mission as a nonprofit…

Immagine del sitoCulture
Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks
Redazione RHC - 18/01/2026

Mandiant has released a large set of rainbow tables dedicated to Net-NTLMv1 with the aim of concretely demonstrating how insecure this authentication protocol has become. Although Net-NTLMv1 has been deprecated for years and its weaknesses…

Immagine del sitoCybercrime
Your paycheck is zero! Congratulations, someone answered the phone wrong
Redazione RHC - 18/01/2026

No worker would accept their paycheck disappearing without explanation. It was precisely from a series of internal reports of this nature that an organization began investigating an apparently administrative anomaly, discovering instead a targeted cyber…