Red Hot Cyber. The Cybersecurity Blog
Featured Articles
Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unaut...
During the registration process, a critical security flaw (CVE-2025-8489) in the King Addons WordPress Elementor plugin was exploited by attackers, allowing them to gain administrative privileges via ...
Since ChatGPT’s public release in November 2022, artificial intelligence (AI) has been integrated into many aspects of human society. For owners and operators of critical infrastructure, AI can be u...
A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than 1,300 DDoS ...
A joint investigation by BCA LTD, NorthScan, and ANY.RUN has exposed one of North Korea’s most secretive hacking schemes. Under the guise of routine recruitment, the team monitored how operators fro...
Microsoft Exchange Server Penetration Testing: Techniques, Tools, and Countermeasures
Notepad++ under attack! How a fake DLL opens the door to criminal hackers
Microsoft warns: Security updates cause problems with BitLocker
A dangerous zero-day zero-click exploit threatens billions of Android devices
Is the era of paywalls over? Smart browsers circumvent them, and controlling them is very difficult
Danger for OneDrive users: Infected DLLs hide in shared files
Microsoft Exchange Server Penetration Testing: Techniques, Tools, and Countermeasures
Alessandro Molinari - November 5th, 2025
Often, during penetration testing, we find ourselves with elevated access (Domain Admin) within an organization. Some companies stop there, thinking that obtaining Domain Admin is the ultimate goal. But it's...
Notepad++ under attack! How a fake DLL opens the door to criminal hackers
Manuel Roccon - November 5th, 2025
A new vulnerability affecting Notepad++ was released in September. The vulnerability has been identified as CVE-2025-56383, and details can be found on the NIST website. CVE-2025-56383 is a DLL hijacking...
Microsoft warns: Security updates cause problems with BitLocker
Redazione RHC - November 4th, 2025
Microsoft has issued an urgent warning to Windows operating system users regarding a potential issue that, starting with security updates distributed on October 14, 2025, could cause some devices to...
A dangerous zero-day zero-click exploit threatens billions of Android devices
Redazione RHC - November 4th, 2025
Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The Zero Click vulnerability...
Is the era of paywalls over? Smart browsers circumvent them, and controlling them is very difficult
Redazione RHC - November 4th, 2025
How can publishers protect themselves from AI-powered "smart" browsers if they look like ordinary users? The emergence of new AI-powered "smart" browsers is challenging traditional methods of protecting online content....
Danger for OneDrive users: Infected DLLs hide in shared files
Redazione RHC - November 4th, 2025
Attackers are using an advanced technique involving sideloading DLLs via the Microsoft OneDrive application. This allows them to execute malicious code undetected by security mechanisms. The attack uses a modified...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE