Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.

Redhotcyber Banner Sito 320x100px Uscita 101125

2nd Edition GlitchZone RHC 970x120 2

Red Hot Cyber. The Cybersecurity Blog

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems

La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season

CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation

Critical MongoDB Vulnerability Exposed: CVE-2025-14847

RansomHouse Ransomware Upgraded: Enhanced Encryption Threat

Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025

MS13-089 Ransomware: Double Extortion Without Encryption

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

DIG AI: The Dark Web’s New AI Tool for Cybercrime

Ultime news

Samsung under attack in Italy: phones held hostage by ransomware

Culture

Samsung under attack in Italy: phones held hostage by ransomware

For a few days now, news has been circulating, which I don't think has been confirmed by official sources, of...

Michele Pinassi - 23 September 2025

PureVPN on Linux: Researcher Finds Security and Anonymity Issues

Cybercrime

PureVPN on Linux: Researcher Finds Security and Anonymity Issues

An independent researcher named Andreas, who runs the blog Anagogistis , has discovered serious vulnerabilities in Pure VPN's Linux clients...

Redazione RHC - 22 September 2025

Ally Solos AI Glasses for the Visually Impaired: Autonomy and Safety

Cybercrime

Ally Solos AI Glasses for the Visually Impaired: Autonomy and Safety

Envision’s Ally Solos AI glasses are a breath of fresh air for people with visual impairments, helping them read ,...

Redazione RHC - 22 September 2025

When Unicode Becomes a Weapon and Your Email Betrays You, Inboxfuscation Arrives

Cybercrime

When Unicode Becomes a Weapon and Your Email Betrays You, Inboxfuscation Arrives

Attackers are increasingly using Microsoft Exchange inbox capabilities to ensure persistence and steal sensitive information within corporate networks. Inboxfuscation ,...

Redazione RHC - 22 September 2025

Scattered Spider: The teenage genius who hacked Las Vegas is in custody.

Cybercrime

Scattered Spider: The teenage genius who hacked Las Vegas is in custody.

A series of high-profile attacks on the Las Vegas gambling industry in 2023 has now reached its final phase. Several...

Redazione RHC - 22 September 2025

Cyberattacks on European airports: ENISA identifies ransomware

Cybercrime

Cyberattacks on European airports: ENISA identifies ransomware

The European Union Agency for Information Security (ENISA) has announced that it has identified the type of ransomware responsible for...

Redazione RHC - 22 September 2025

« Precedente Successivo »

What are penetration tests, why are they done, who performs them, and the benefits for organizations.

Redazione RHC - July 22nd, 2025

Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order...

What is Zero Trust Security? A Journey into the Future of Security 2.0

Redazione RHC - July 22nd, 2025

What is Zero Trust? Why is it so important today and why is there so much talk about it? Zero Trust is an innovative approach that is increasingly gaining traction...

What are Common Vulnerabilities and Exposures (CVE)

Redazione RHC - July 22nd, 2025

The primary goal of computer security is vulnerability management. In achieving this goal, CVE helps specialists, who are an integral part of the information security community. If you're a reader...

What is Identity and Access Management (IAM)? Let’s find out how to protect your online identities.

Redazione RHC - July 22nd, 2025

How does a large organization with millions of user credentials circulating between production servers, web applications, mobile apps, and workstations, connecting to countless profiles, keep proper records of them? How...

New wave of Microsoft SharePoint Server attacks claims victims: over 100 organizations affected

Redazione RHC - July 22nd, 2025

We recently discussed a critical zero-day vulnerability, CVE-2025-53770, in Microsoft SharePoint Server, which bypasses the previous security flaw CVE-2025-49706. It was already known at the time that the vulnerability involved...

16 flaws discovered in MediaTek chips: smartphones and smart TVs at risk!

Redazione RHC - July 22nd, 2025

In an age where connectivity is ubiquitous and smart devices are an integral part of our daily lives, cybersecurity is no longer optional, but a necessity. Every month, major chip...

Sophos fixes five vulnerabilities in Sophos Firewall, two of which are rated critical

Redazione RHC - July 22nd, 2025

Sophos recently announced the fixes for five independent security vulnerabilities found in its firewalls, some critical and others high and medium. The vulnerabilities have been fixed via automatically distributed hotfixes,...

TIM’s Red Team Research discovers five CVEs on Eclipse GlassFish, one critical (score 9.8)

Redazione RHC - July 21st, 2025

Thursday, July 16 was a significant day for the cybersecurity researchers of the Italian Red Team Research (RTR) team of TIM, which saw the publication of five new vulnerabilities (CVE)...

What is Secure Code Development? Discovering an essential practice in cybersecurity.

Redazione RHC - July 21st, 2025

In the previous article on Patch Management, we started talking about 4 fundamental pillars in the world of Cybersecurity. These four pillars are Patch Management, Hardening, Secure Code Development, and...

What is Hardening: Discovering a Preemptive Strategy for Threat Mitigation

Redazione RHC - July 21st, 2025

We often talk about "hardening" systems, but many people still don't know exactly what we're talking about. We've almost all discovered the pillars of cybersecurity, and among them are the...

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sito

Cybercrime

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written enough to seem real. This…

Immagine del sito

Cybercrime

A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems

Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…

Immagine del sito

Cybercrime

La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season

Redazione RHC - 23/12/2025

According to internal sources at RedHotCyber , the digital offensive that is causing problems for the National Postal System in France has been officially claimed by the pro-Russian hacker collective NoName057(16). Analysts confirm that the…

Immagine del sito

Vulnerability

CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation

Manuel Roccon - 23/12/2025

The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies in a mishandled IOCTL that…

Immagine del sito

Cybercrime

Critical MongoDB Vulnerability Exposed: CVE-2025-14847

Redazione RHC - 23/12/2025

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data from server memory without requiring…