Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-How a simple Visual Studio Code file can become a backdoor for state-run hackers-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-How a simple Visual Studio Code file can become a backdoor for state-run hackers
HackTheBox 320x100 1
Fortinet 970x120px

Red Hot Cyber. The Cybersecurity Blog

    149 Million Accounts Exposed: The Database No One Should Have Seen
    Massimiliano Brolli | Cybercrime | 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremia...

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
    Agostino Pellegrino | Vulnerability | 22/01/2026

    A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate p...

    Precedente Successivo

    Ultime news

    DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass Cyber News

    DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass

    Cisco Talos has identified a new ransomware campaign called DeadLock : attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324)...
    Redazione RHC - 11 December 2025
    VPN Credentials on the Dark Web: A Growing Cybersecurity Threat Cyber News

    VPN Credentials on the Dark Web: A Growing Cybersecurity Threat

    In the darkest corners of the internet, the trafficking of stolen data and unauthorized access continues to thrive. A recent...
    Redazione RHC - 11 December 2025
    Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks Cyber News

    Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

    What we wrote in the article " Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth...
    Marcello Filacchioni - 11 December 2025
    Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks Vulnerability

    Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks

    A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious...
    Agostino Pellegrino - 11 December 2025
    Google Chrome Urgent Update Fixes Zero-Day Vulnerability Cyber News

    Google Chrome Urgent Update Fixes Zero-Day Vulnerability

    An urgent update has been released by Google for the stable version of the Desktop browser, in order to address...
    Silvia Felici - 11 December 2025
    EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2 Vulnerability

    EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2

    Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised...
    Agostino Pellegrino - 11 December 2025
    « Precedente   Successivo »

    Apple ordered to pay $634 million to Masimo for patent infringement

    Masimo, an American company that develops medical monitoring technologies, has won another round of litigation with Apple . A federal jury awarded it $634 million for infringing a patent on...

    - November 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Microsoft Azure blocks a 15.72 terabit per second DDoS attack

    A massive DDoS attack was neutralized by Microsoft Azure on October 24. A single endpoint located in Australia was targeted by the attack, which reached a maximum speed of 15.72...

    - November 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Real World and Fictional World: A Psychological and Philosophical Analysis of the 1999 Film The Matrix by Lana and Lilly Wachowski

    We've said too many times that nowadays, social networks have become an integral part of our daily lives: it's now natural to contact an acquaintance with a WhatsApp message, post...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    The phenomenon of polarization on the internet: Hikikomori

    Many still maintain that hikikomori is an exclusively Japanese phenomenon. Yet, scientifically, numerous studies now confirm the existence of cases similar in characteristics to Japanese hikikomori in Spain, France, Italy,...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    From Likes to Depression: How Social Media Can Affect Our Mental Health

    Questioning changes as they occur is always a difficult, if not downright foolhardy, undertaking. Certainly, when the object of the investigation concerns the changes social media has wrought on individuals,...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    The US and Global Surveillance: Uncovering Section 702 of the Foreign Intelligence Surveillance Act

    Privacy in the United States is a constant topic of debate, especially in the digital age. The Supreme Court has played a central role in interpreting the Fourth Amendment, which...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    What is Cross-Site Scripting? An article to help you understand it in a simple way.

    Author : Davide Cavallini Today I will try to use the same dialectic ( as previously done in the article on SQL injection ), and explain in a simple way...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Spy Apps: How Spyware Works and Why It’s a Privacy Risk

    Spyware (also known as spy apps) represent one of the most insidious and dangerous threats of the digital age. These are malicious programs designed to infiltrate a user's device, collecting...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Asus releases emergency firmware update for vulnerable DSL routers.

    Asus has released an emergency firmware update for several DSL router models. The patch addresses a critical vulnerability that allows attackers to take complete control of devices without authentication. The...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Nuclear power entirely in the hands of AI! And what if there’s an accident?

    In the technological field, the idea that the future development of generating systems depends inexorably on the expansion of nuclear capacity is taking root, pushing the sector's players to identify...

    - November 17th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Redazione RHC - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Massimiliano Brolli - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…