Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
2nd Edition GlitchZone RHC 320x100 2
TM RedHotCyber 970x120 042543

Red Hot Cyber. The Cybersecurity Blog

Critical MongoDB Vulnerability Exposed: CVE-2025-14847
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
MS13-089 Ransomware: Double Extortion Without Encryption
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
DIG AI: The Dark Web’s New AI Tool for Cybercrime
Airbus Eyes Sovereign Cloud to Mitigate US Data Risks
North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector
Linux Kernel CVE-2025-68260 Vulnerability Fixed: Rust Code at Risk
HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required
Previous Next

Ultime news

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

Researchers have discovered a vulnerability, identified as CVE-2025-40602, affecting SonicWall's SMA1000 series of secure access gateways. This flaw is particularly...
Redazione RHC - 18 December 2025
HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required

HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required

Cybersecurity is a serious issue, especially when it comes to vulnerabilities that can compromise an entire system. Well, Hewlett Packard...
Redazione RHC - 18 December 2025
CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices

CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert including three new vulnerabilities in its catalog of...
Redazione RHC - 18 December 2025
Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

A security flaw has been discovered in Microsoft's Windows Admin Center (WAC) . Essentially, a permissions error could allow any...
Redazione RHC - 18 December 2025
Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation

Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation

It was only a matter of time. Governments around the world have now put their security systems on high alert....
Redazione RHC - 18 December 2025
Google Discontinues Dark Web Report, Shifts to Active Protection

Google Discontinues Dark Web Report, Shifts to Active Protection

No more useless alerts. No more passive monitoring. Less than two years after its launch, Google has decided to shut...
Luca Galuppi - 17 December 2025
« Precedente   Successivo »

Women in Cybersecurity: Breaking Down Barriers and Stereotypes

- December 15th, 2025

The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on the other end of the call. You sit down, look...
Share on Facebook Share on LinkedIn Share on X

Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks

- December 15th, 2025

A well-known initial access broker (IAB) called " Storm-0249 " has changed its operational strategies, using phishing campaigns as well as highly targeted attacks, which exploit the very security tools...
Share on Facebook Share on LinkedIn Share on X

VS Code Extensions Infected with Sophisticated Malware via Typosquatting

- December 15th, 2025

A sophisticated malware campaign has been detected within the Visual Studio Code (VS Code) marketplace. Researchers at ReversingLabs (RL) have identified 19 malicious extensions that successfully evaded standard detection methods...
Share on Facebook Share on LinkedIn Share on X

NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities

- December 15th, 2025

NVIDIA has released a significant security update for its Merlin framework, addressing several high-severity vulnerabilities. These vulnerabilities could allow attackers to execute malicious code or alter sensitive data within AI...
Share on Facebook Share on LinkedIn Share on X

How Profanity Varies Across Social Media and Cultures

- December 15th, 2025

Americans are the most likely to swear on social media, but Australians are more creative in their use of the infamous "f" swear word. This is the conclusion reached by...
Share on Facebook Share on LinkedIn Share on X

GhostFrame Phishing Kit: New Stealthy PhaaS Threat Emerges

- December 14th, 2025

Barracuda has released details of a new stealthy, evasive phishing-as-a-service (PhaaS) kit that hides malicious content within web page iframes to evade detection and maximize resilience. This is the first...
Share on Facebook Share on LinkedIn Share on X

WhatsApp: all it takes is a phone number to know when you sleep, go out, or come home

- December 14th, 2025

A tool has been released that allows for the discreet monitoring of WhatsApp and Signal user activity using just a phone number. The tracking mechanism covers over three billion accounts...
Share on Facebook Share on LinkedIn Share on X

Cyber Geopolitics: How Tech Becomes a Global Battleground

- December 14th, 2025

Over the past two years, cyber has ceased to be a " technical " dimension of the conflict and has become a strategic infrastructure. The consequence is a domino effect:...
Share on Facebook Share on LinkedIn Share on X

SOAP Vulnerability in .NET Framework Allows Remote Code Execution

- December 14th, 2025

Security researchers have discovered a vulnerability in .NET that could affect several enterprise products and lead to remote code execution. The issue stems from the way Microsoft .NET-based applications handle...
Share on Facebook Share on LinkedIn Share on X

CVE-2025-55182 React Server Components Vulnerability Exploited

- December 13th, 2025

A recent report from the Google Threat Intelligence Group (GTIG) illustrates the chaotic results of this information dissemination, highlighting how savvy adversaries have already gained a foothold within targeted networks....
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sito
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
Redazione RHC - 23/12/2025

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data from server memory without requiring…

Immagine del sito
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Redazione RHC - 22/12/2025

The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks. According to experts, the cybercriminals have added an updated encryption tool to their arsenal ,…

Immagine del sito
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
Redazione RHC - 22/12/2025

According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This refers to scenarios in which, after penetrating a network, attackers use wipers, destructive tools that…

Immagine del sito
MS13-089 Ransomware: Double Extortion Without Encryption
Inva Malaj - 22/12/2025

MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without encryption. A brand built on an old Microsoft ID For years, “MS13-089” identified a 2013…

Immagine del sito
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
Redazione RHC - 22/12/2025

In the past, many users and system administrators have relied on Microsoft’s telephone activation service to manage installations in specific contexts. During the Windows 8 era, MAK ( Multiple Activation Key) licenses were widely available.…