Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
UtiliaCS 320x100
LECS 970x120 1

Red Hot Cyber. The Cybersecurity Blog

RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
MS13-089 Ransomware: Double Extortion Without Encryption
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
DIG AI: The Dark Web’s New AI Tool for Cybercrime
Airbus Eyes Sovereign Cloud to Mitigate US Data Risks
North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector
Linux Kernel CVE-2025-68260 Vulnerability Fixed: Rust Code at Risk
HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required
CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices
Previous Next

Ultime news

A single data center on fire, an entire country in digital blackout: the case of South Korea

A single data center on fire, an entire country in digital blackout: the case of South Korea

A fire at a government data center in South Korea has reduced the country's digital infrastructure to rubble and starkly...
Redazione RHC - 7 October 2025
The Rise of Digital Partners: AI Becomes Wiresexuals’ Safe, Convenient, and Controllable Haven

The Rise of Digital Partners: AI Becomes Wiresexuals’ Safe, Convenient, and Controllable Haven

Disillusionment with online dating is increasingly pushing women to seek emotional intimacy in the virtual world. More and more women...
Redazione RHC - 7 October 2025
Amazon founder Jeff Bezos: AI hype is a bubble!

Amazon founder Jeff Bezos: AI hype is a bubble!

During the Italian Tech Week in Turin, Jeff Bezos, founder of Amazon and one of the richest men in the...
Redazione RHC - 7 October 2025
Why does the United States buy rare earths from China despite its own reserves?

Why does the United States buy rare earths from China despite its own reserves?

In recent years, the topic of rare earths has returned to the forefront of international debate, especially given China's dominant...
Redazione RHC - 7 October 2025
RediShell: A 13-year-old score 10 RCE has been upgraded to Redis

RediShell: A 13-year-old score 10 RCE has been upgraded to Redis

A 13-year-old critical flaw, known as RediShell , in Redis allows remote code execution (RCE) , giving attackers the ability...
Redazione RHC - 7 October 2025
An 8-year-old critical bug in the Unity game engine poses risks to Android and Windows.

An 8-year-old critical bug in the Unity game engine poses risks to Android and Windows.

A vulnerability has been discovered in the Unity game engine, which has been present since 2017. The issue can be...
Redazione RHC - 7 October 2025
« Precedente   Successivo »

FIDO Downgrade Attacks, a New Authentication Threat

- August 21st, 2025

Proofpoint researchers have identified a sophisticated downgrade attack that could bypass FIDO-based authentication, exposing targets to adversary-in-the-middle (AiTM) threats.These are some of the key findings the researchers found: Using a...
Share on Facebook Share on LinkedIn Share on X

Mozilla Fixes Dangerous RCE Bug in Firefox 142

- August 21st, 2025

Mozilla has fixed several high-severity security bugs with the release of Firefox 142, preventing attackers from remotely executing code of their choosing on affected systems. The security advisory, published on...
Share on Facebook Share on LinkedIn Share on X

Spyware under fire! Apple releases a critical patch for a 0day used on iOS and iPadOS

- August 21st, 2025

Apple has released an urgent security patch for iOS and iPadOS to address a critical zero-day vulnerability. This vulnerability, identified as CVE-2025-43300, has been confirmed to be actively exploited in...
Share on Facebook Share on LinkedIn Share on X

LastPass, 1Password, and Keeper under fire! Widespread zero-day bugs detected, putting millions of users at risk.

- August 21st, 2025

A cybersecurity expert has identified zero-day vulnerabilities affecting eleven popular password managers, potentially putting tens of millions of users at risk of credential theft with a single malicious click. An...
Share on Facebook Share on LinkedIn Share on X

Zero-Day RCE Exploit for Windows Selling for $125,000: How to Protect Yourself

- August 21st, 2025

Browsing the dark web can reveal disturbing and alarming ads for those involved in cybersecurity. Recently, we noticed a post offering a zero-day exploit, an extremely dangerous type of tool,...
Share on Facebook Share on LinkedIn Share on X

Nike Under Fire! IT Infrastructure Access for Sale from an Initial Access Broker

- August 20th, 2025

An Initial Access Broker is selling access to Nike USA servers on a popular underground forum. A recent post on a dark web forum has raised new concerns about the...
Share on Facebook Share on LinkedIn Share on X

A critical bug in Ollama allows for model replacement attacks

- August 20th, 2025

A vulnerability in the popular AI model launcher Ollama opened the door to drive-by attacks, allowing attackers to silently interfere with the local application via a specially crafted website, read...
Share on Facebook Share on LinkedIn Share on X

When Criminal Hackers Patch Linux Servers for You! And That’s Not a Good Thing

- August 20th, 2025

Red Canary specialists have discovered an unusual campaign using the new DripDropper malware, targeting Linux cloud servers. The attackers gained access via the CVE-2023-46604 vulnerability in Apache ActiveMQ, then gained...
Share on Facebook Share on LinkedIn Share on X

AI Wants Nuclear Power! Google, Kairos Power, and TVA Team Up for Sustainable Energy

- August 20th, 2025

Google, Kairos Power, and the Tennessee Valley Authority (TVA) have entered into an agreement to supply nuclear power to data centers in the United States. The agreement is part of...
Share on Facebook Share on LinkedIn Share on X

McDonald’s hacked by BobDaHacker! Better him than real cybercriminals

- August 19th, 2025

Researcher BobDaHacker discovered that McDonald's app rewards point validation was only handled client-side, allowing users to claim free items like nuggets even without enough points. BobDaHacker reported the issue, but...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sito
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Redazione RHC - 22/12/2025

The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks. According to experts, the cybercriminals have added an updated encryption tool to their arsenal ,…

Immagine del sito
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
Redazione RHC - 22/12/2025

According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This refers to scenarios in which, after penetrating a network, attackers use wipers, destructive tools that…

Immagine del sito
MS13-089 Ransomware: Double Extortion Without Encryption
Inva Malaj - 22/12/2025

MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without encryption. A brand built on an old Microsoft ID For years, “MS13-089” identified a 2013…

Immagine del sito
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
Redazione RHC - 22/12/2025

In the past, many users and system administrators have relied on Microsoft’s telephone activation service to manage installations in specific contexts. During the Windows 8 era, MAK ( Multiple Activation Key) licenses were widely available.…

Immagine del sito
DIG AI: The Dark Web’s New AI Tool for Cybercrime
Redazione RHC - 21/12/2025

A new AI tool has appeared on the dark web and quickly attracted the attention of security experts, and not for the best of reasons. This is an artificial intelligence service called DIG AI, which…