Contact
Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Home
Cyber Offensive Fundamentals 970x120 V0.1
    Supply Chain Attack: How Notepad++ Was Compromised via CVE-2025-15556
    Manuel Roccon | Cybercrime | 04/02/2026

    In cybersecurity, we often focus on finding complex bugs in source code, ignoring the fact that end-user trust is built on a much simpler foundation: a download link. The Notepad++ incident, now class...

    Microsoft Office under attack: the bug needs to be patched to prevent Russian espionage.
    Bajram Zeqiri | Cyber News | 03/02/2026

    In recent days, APT28 , a well-known Russian-linked hacker group, has intensified its attacks by exploiting a vulnerability in Microsoft Office. The flaw, classified as CVE-2026-21509, was disclosed b...

    Goodbye to NTLM! Microsoft is moving towards a new era of authentication with Kerberos
    Silvia Felici | Cyber News | 01/02/2026

    For over three decades, it has been a silent pillar of the Windows ecosystem. Now, however, NTLM ‘s time seems definitively over. Microsoft has decided to initiate a profound transition that marks the...

    The world’s first humanoid robot store has opened in China. Will we be ready?
    Carolina Vivianti | innovation | 30/01/2026

    At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

    Douglas Engelbart was born today: the man who saw and invented the digital future.
    Massimiliano Brolli | Culture | 30/01/2026

    Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

    WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).
    Silvia Felici | Cyber News | 29/01/2026

    WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

    Beware of “I am not a robot”: the malware trap that uses Google Calendar.
    Bajram Zeqiri | Cybercrime | 29/01/2026

    A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

    A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!
    Bajram Zeqiri | Cybercrime | 28/01/2026

    The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    Precedente Successivo

    Latest news

    Linux 7.0 says goodbye to the HIPPI relic: a piece of supercomputing history has been eliminated. Cyber News

    Linux 7.0 says goodbye to the HIPPI relic: a piece of supercomputing history has been eliminated.

    The Linux kernel has long been a well-established reality, and while it still contains code for technologies no longer in...
    Silvia Felici - January 25, 2026
    The Grok scandal: 3 million sexually explicit images generated in 11 days Cyber News

    The Grok scandal: 3 million sexually explicit images generated in 11 days

    A recent study reveals that in just 11 days of processing, Grok produced approximately 3 million sexually explicit images. The...
    Agostino Pellegrino - January 25, 2026
    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace Cyber News

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads...
    Agostino Pellegrino - January 25, 2026
    AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready! Cyber News

    AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!

    If there were any doubts about whether the world's leading AI companies agreed on the direction of AI, or how...
    Redazione RHC - January 24, 2026
    A working browser built with AI using 3 million lines of code: breakthrough or illusion? Cyber News

    A working browser built with AI using 3 million lines of code: breakthrough or illusion?

    A week ago, Cursor CEO Michael Truell announced a supposedly remarkable achievement. He claimed that, using GPT-5.2, Cursor had created...
    Redazione RHC - January 24, 2026
    Kimwolf: The IoT botnet that moves silently across corporate and government networks Cyber News

    Kimwolf: The IoT botnet that moves silently across corporate and government networks

    The Kimwolf botnet represents one of the most insidious IoT threats to emerge recently. According to the latest analyses, this...
    Sandro Sana - January 24, 2026
    « Previous   Next »

    Cybersecurity in Local Administrations: The Hidden Risk

    There's a convenient misconception in Italy: thinking that cybersecurity is a matter for ministries or large strategic players. It's reassuring. And it's wrong. In the real design of public connectivity,...

    - January 22nd, 2026

    Share on Facebook Share on LinkedIn Share on X

    UK Organizations Hit by Russia-Backed DDoS Attacks

    The UK's National Cyber Security Centre has issued a strong warning regarding a series of denial-of-service (DDoS) attacks targeting British organizations. This phenomenon has not gone unnoticed by authorities, who...

    - January 22nd, 2026

    Share on Facebook Share on LinkedIn Share on X

    GitLab Security Update Fixes Critical Vulnerabilities CVE-2026-0723

    An urgent security update has been released by GitLab for the Community (CE) and Enterprise (EE) editions to address several high-severity vulnerabilities. These vulnerabilities expose installations to potential denial-of-service (DoS)...

    - January 21st, 2026

    Share on Facebook Share on LinkedIn Share on X

    Critical Telnetd Vulnerability in GNU InetUtils Allows Root Access

    A critical security flaw has been discovered in the telnetd server component of GNU InetUtils, involving remote authentication bypass . A security researcher reported the vulnerability on January 19, 2026....

    - January 21st, 2026

    Share on Facebook Share on LinkedIn Share on X

    Everest Ransomware Attacks McDonald’s, 861GB Data Stolen

    Yesterday, the Everest cybercriminal gang claimed responsibility for a cyberattack on McDonald's on their Data Leak Site (DLS) . From the gang's post, the cybercriminals claim to have 861GB of...

    - January 21st, 2026

    Share on Facebook Share on LinkedIn Share on X

    ESXi Zero-Day Exploit: How to Protect Your VMware Environment

    A group of attackers is using a zero-day exploit toolkit to compromise VMware ESXi instances in an uncontrolled manner, taking advantage of multiple vulnerabilities to bypass virtual machine restrictions. The...

    - January 20th, 2026

    Share on Facebook Share on LinkedIn Share on X

    VoidLink Malware: AI-Generated Threat for Linux Systems

    We had already talked about VoidLink a few days ago , it is a framework composed of over 30 modules that can be combined to meet specific attacker objectives on...

    - January 20th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Google Fast Pair Vulnerability: WhisperPair Exposes Millions of Devices

    Researchers from the Cybersecurity and Industrial Cryptography team at KU Leuven have discovered a critical flaw in the Google Fast Pair protocol. The vulnerability allows attackers to hijack control of...

    - January 19th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks

    Mandiant has released a large set of rainbow tables dedicated to Net-NTLMv1 with the aim of concretely demonstrating how insecure this authentication protocol has become. Although Net-NTLMv1 has been deprecated...

    - January 18th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Critical Vulnerability in Modular DS WordPress Plugin – Update Now

    A high-severity security vulnerability has been identified in the WordPress plugin "Modular DS (Modular Connector)," and numerous security reports suggest that this vulnerability is being exploited in real-world attacks. The...

    - January 18th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE