Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
UtiliaCS 320x100
Cyber Offensive Fundamentals 970x120 V0.1

Red Hot Cyber. The Cybersecurity Blog

Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices
Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal
Previous Next

Ultime news

Meta Shifts Focus from Metaverse to AI-Powered Wearables Cybercrime

Meta Shifts Focus from Metaverse to AI-Powered Wearables

Meta is launching a new internal reorganization process that directly involves Reality Labs, its virtual reality division, and the Metaverse....
Redazione RHC - 14 January 2026
Anthropic’s Claude AI Takes Control with Computer Use Feature Cybercrime

Anthropic’s Claude AI Takes Control with Computer Use Feature

Anthropic continues to push the evolution of AI-powered assistants, expanding Claude 's capabilities beyond simple text interaction. After establishing its...
Redazione RHC - 14 January 2026
China Leads the Way with Level 3 Autonomous Vehicle License Plates Cybercrime

China Leads the Way with Level 3 Autonomous Vehicle License Plates

On December 23, the Traffic Management Bureau of the Beijing Municipal Public Security Bureau officially issued the first batch of...
Redazione RHC - 14 January 2026
Orion Leaks: LockBit’s Shadow in Ransomware Ecosystem Cybercrime

Orion Leaks: LockBit’s Shadow in Ransomware Ecosystem

An in-depth look at the infrastructure connections of emerging group Orion Leaks and its possible connection to former RaaS giant...
Raffaela Crisci - 14 January 2026
Cloudflare vs Italy: The Battle for Internet Freedom and DNS Control Cybercrime

Cloudflare vs Italy: The Battle for Internet Freedom and DNS Control

Cloudflare CEO Matthew Prince has threatened to shut down the company's operations in Italy after the country's telecom regulator fined...
Redazione RHC - 14 January 2026
Understanding Data Breach: Protecting Sensitive Information Culture

Understanding Data Breach: Protecting Sensitive Information

One of the most common mistakes, despite the GDPR's implementation since 2018, is to consider only security breaches involving sensitive...
Stefano Gazzella - 14 January 2026
« Precedente   Successivo »

HPE OneView Critical Vulnerability Exploited: Update Now to Prevent Attacks

- January 9th, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) of the United States of America has raised the alarm about the active exploitation of a critical vulnerability in HPE OneView , an...
Share on Facebook Share on LinkedIn Share on X

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks

- January 9th, 2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has...
Share on Facebook Share on LinkedIn Share on X

The Revolutionary iPhone Launch: A Game-Changing Moment in Tech History

- January 9th, 2026

San Francisco: January 9, 2007 There was something strange about the air, like when you know something's about to happen but you don't know what. Steve Jobs was on stage...
Share on Facebook Share on LinkedIn Share on X

Cloudflare Hit with €14M Fine for Failing to Block Pirate Content

- January 9th, 2026

The Italian Communications Regulatory Authority (AGCOM) has imposed an administrative fine exceeding €14 million on Cloudflare Inc. for failure to comply with Italian legislation against online piracy. The measure was...
Share on Facebook Share on LinkedIn Share on X

Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government

- January 9th, 2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country...
Share on Facebook Share on LinkedIn Share on X

Taiwan Citizens Accused in China of Smuggling and Cable Sabotage

- January 9th, 2026

Chinese authorities have formally charged two Taiwanese citizens with involvement in a smuggling operation linked to an incident in February that damaged an undersea cable and fueled renewed tensions between...
Share on Facebook Share on LinkedIn Share on X

QR Code Phishing via HTML: New Attack Vector Emerges

- January 8th, 2026

We know that criminal hackers always manage to surprise us, and this time too they surprise us with the innovation and ways they invent to overcome obstacles, such as anti-spam...
Share on Facebook Share on LinkedIn Share on X

Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now

- January 8th, 2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates...
Share on Facebook Share on LinkedIn Share on X

GoBruteforcer Botnet Exploits AI-Generated Server Configs, Targets Crypto

- January 8th, 2026

The GoBruteforcer botnet has been discovered to be exploiting a surprisingly current weakness: the widespread reuse of AI-generated server configurations. This increasingly widespread practice is effectively leaving tens of thousands...
Share on Facebook Share on LinkedIn Share on X

When Attack Discovery Becomes Automated, Detection Stops Scaling

- January 8th, 2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…

Immagine del sitoCybercrime
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
Redazione RHC - 22/01/2026

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middle East, and Central America.…

Immagine del sitoCybercrime
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Redazione RHC - 22/01/2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the malicious actor has now expanded…

Immagine del sitoCybercrime
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Redazione RHC - 22/01/2026

Attackers are exploiting a previously patched critical FortiGate authentication flaw (CVE-2025-59718) through a patch bypass method to breach protected firewalls, as Fortinet customers are experiencing. Fortinet reportedly plans to soon release FortiOS versions 7.4.11, 7.6.6,…

Immagine del sitoCybercrime
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Redazione RHC - 22/01/2026

A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate patching, and its Product Security Incident Response…