Red Hot Cyber. The Cybersecurity Blog
Featured Articles

The Tor project has announced the introduction of a new encryption scheme, called Counter Galois Onion (CGO), intended to replace the previous Tor1 Relay method. The update aims to strengthen network...

A group of members of the European Parliament have called for Microsoft to abandon its internal use of products and switch to European solutions. Their initiative stems from growing concerns about the...

Hi everyone… my name is Marco, I’m 37 years old and I work as an administrative clerk in an accounting firm. This is my first time speaking in front of you all, and I’m a little emotional… and...

A nearly forgotten service command has returned to prominence after being spotted in new Windows device infection patterns. For decades considered a relic of the early days of the internet, the mechan...

On the porch of an old cabin in Colorado, Mark Gubrud, 67, gazes absently into the distant dusk, his phone beside him, the screen still on a news app. As we know, tech giants Microsoft and OpenAI ann...

Tasting the Exploit: HackerHood tests the exploit for WinRAR CVE-2025-8088
Redazione RHC - September 8th, 2025
Manuel Roccon, leader of Red Hot Cyber's HackerHood ethics team, has created a detailed video on YouTube that demonstrates in a practical way how the exploit based on the...

Hackers bypass the most stringent WAFs with a single line of JavaScript! The moral? Always write securely.
Redazione RHC - September 8th, 2025
In a security test, Ethiack researchers found a way to bypass even the most stringent web application firewalls using an unusual technique: JavaScript injection via HTTP parameter pollution. The test...

Thermoptic: The Tool for Bypassing Fingerprint-Based Lock Systems
Redazione RHC - September 8th, 2025
Security researcher Matthew Bryant recently unveiled Thermoptic, an innovative tool that acts as an HTTP proxy. This tool can disguise network requests to appear to be traffic from the Chrome...

NightshadeC2, the new botnet that uses unconventional methods to bypass protection
Redazione RHC - September 8th, 2025
eSentire has reported the discovery of a new botnet called NightshadeC2, which uses unconventional methods to bypass protection and sandboxes. The malware is distributed via counterfeit versions of legitimate programs...

Cephalus is coming! The ransomware group that attacks via DLL replacement.
Redazione RHC - September 7th, 2025
In mid-August, researchers encountered the Cephalus ransomware in two separate incidents. Among recent outbreaks of families like Crux and KawaLocker, a ransom note beginning with the words "We are Cephalus"...

WhatsApp and Apple in emergency: DNG bug allows remote control without clicking
Redazione RHC - September 7th, 2025
On August 20, Apple released an unscheduled security update for all major operating systems: iOS, iPadOS, macOS, and other platforms. The patch addresses the CVE-2025-43300 vulnerability in the ImageIO module:...

