Red Hot Cyber. The Cybersecurity Blog
Featured Articles

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp’s infrastructure to distribute its Pegasus surveillance software. The case, which has been o...

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed ...

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS ...

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, d...

A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without au...
$2.8 billion in cryptocurrency stolen! Here’s how North Korea circumvents UN sanctions.
CoPhish is coming! Microsoft Copilot Studio used to steal accounts
Anatomy of a Data Theft: Technical Analysis of the “Formbook” Infostealer
OpenAI is working on a neural network for music creation
Oracle VirtualBox Vulnerability: Risk of Virtual Machine Escape
YouTube Ghost Network: The phantom network that infected millions of users

$2.8 billion in cryptocurrency stolen! Here’s how North Korea circumvents UN sanctions.
Redazione RHC - October 27th, 2025
Member countries of the international monitoring group MSMT have concluded that North Korea is increasing its use of cybercrime and the remote work of its citizens abroad to circumvent international...

CoPhish is coming! Microsoft Copilot Studio used to steal accounts
Redazione RHC - October 27th, 2025
Attackers are using an advanced phishing technique, known as CoPhish, that leverages Microsoft Copilot Studio to trick users into granting unauthorized access to their Microsoft Sign In ID accounts. A...

Anatomy of a Data Theft: Technical Analysis of the “Formbook” Infostealer
Redazione RHC - October 27th, 2025
In the cyber threat landscape, few malware programs are as persistent and widespread as Formbook . What began as a simple keylogger and form grabber has evolved into a powerful...

OpenAI is working on a neural network for music creation
Redazione RHC - October 26th, 2025
According to The Information, OpenAI is actively working on its own neural network for music creation , which will compete with projects like Suno and Udio. The publication's sources report...

Oracle VirtualBox Vulnerability: Risk of Virtual Machine Escape
Redazione RHC - October 26th, 2025
BI.ZONE specialists have identified two vulnerabilities (CVE-2025-62592 and CVE-2025-61760) in Oracle VirtualBox. When combined, they allowed an attacker to exit a virtual machine and reach the ARM-based macOS host system....

YouTube Ghost Network: The phantom network that infected millions of users
Redazione RHC - October 26th, 2025
Google specialists removed over 3,000 videos from YouTube that spread hidden information disguised as hacked software and video game cheats. Check Point researchers dubbed this campaign " YouTube Ghost Network"...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

