Red Hot Cyber. The Cybersecurity Blog
They told you 6G would be fast, right? But they didn’t tell you the whole truth
It’s not “just faster”: 6G changes the very nature of the network! When we talk about 6G, we risk reducing everything to a speed upgrade, as if the network of the future were simply a 5G with ...
Microsoft Exchange Server Penetration Testing: Techniques, Tools, and Countermeasures
Often, during penetration testing, we find ourselves with elevated access (Domain Admin) within an organization. Some companies stop there, thinking that obtaining Domain Admin is the ultimate goal. B...
Notepad++ under attack! How a fake DLL opens the door to criminal hackers
A new vulnerability affecting Notepad++ was released in September. The vulnerability has been identified as CVE-2025-56383, and details can be found on the NIST website. CVE-2025-56383 is a DLL hijack...
A dangerous zero-day zero-click exploit threatens billions of Android devices
Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The Zero Click vulnerabil...
Does Microsoft use macOS to create Windows wallpapers? Probably!
On October 29, Microsoft released a wallpaper to commemorate the eleventh anniversary of the Windows Insider program, and it is speculated that it was created using macOS. Let us remember that Windows...
Louvre Theft: Windows 2000 and Windows XP on Networks, as Well as Simple Passwords
As we know, the thieves in the “theft of the century” entered through a second-floor window of the Louvre Museum, but the museum had other problems besides unprotected windows. Although Cu...
SesameOp: The Malware That Uses OpenAI Assistants for Command and Control
Microsoft has discovered a new malware, dubbed SesameOp, and published details of how it works. This backdoor was unusual: its creators used the OpenAI Assistants API as a covert control channel, a...
Eight 0-days worth $35 million sold to Russia by US insiders
Former US defense contractor CEO Peter Williams has pleaded guilty to selling “eight sensitive, protected cyber exploits” to Russian zero-day broker Operation Zero. Court documents and a ...
Trump refuses to export Nvidia chips. China responds: “Don’t worry, we’ll do it ourselves.”
Reuters reported that Trump told reporters during a pre-recorded interview on CBS’s “60 Minutes” and on Air Force One during the return flight: “We’re not going to let an...
Goodbye, malware! In 2025, criminal hackers will use legitimate accounts to remain invisible.
A FortiGuard report for the first half of 2025 shows that financially motivated attackers are increasingly eschewing sophisticated exploits and malware. Instead, they are using valid accounts and leg...

100 Infostealer packages uploaded to NPM using AI hallucinations
Redazione RHC - October 30th, 2025
Since August 2024, the PhantomRaven campaign has uploaded 126 malicious packages to npm, which have been downloaded a total of over 86,000 times. The campaign was discovered by Koi...

Atroposia: The MaaS platform that provides a Trojan with a vulnerability scanner
Redazione RHC - October 30th, 2025
Varonis researchers have discovered the Atroposia MaaS (malware-as-a-service) platform. For $200 a month, its customers receive a remote access Trojan with extensive functionality, including remote desktop, file system management, information...

0day as weapons: sold 8 US defense 0day exploits to Moscow
Redazione RHC - October 30th, 2025
Peter Williams, a former employee of the defense contractor, pleaded guilty in US federal court to two counts of theft of trade secrets, admitting to selling eight zero-day vulnerabilities to...

Critical vulnerability in Blink: a website can block all Chromium-based browsers
Redazione RHC - October 30th, 2025
Researcher José Pino has presented a proof-of-concept vulnerability in the Blink rendering engine used in Chromium-based browsers, demonstrating how a single web page can crash many popular browsers and...

Trump-Xi Summit: A Truce That Doesn’t Benefit Europe
Redazione RHC - October 30th, 2025
After years of tensions, tariffs, mutual accusations, and trade wars that have shattered the global balance of power, the long-awaited meeting between Donald Trump and Xi Jinping has finally taken...

Cloud yes or Cloud no: When the Digital Sky Darkens
Redazione RHC - October 30th, 2025
The outage of Microsoft's cloud services, which occurred just hours before the release of its quarterly results, is just the latest in a long series of outages that are exposing...

