Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
320x100 Itcentric
Fortinet 970x120px

Red Hot Cyber. The Cybersecurity Blog

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
MS13-089 Ransomware: Double Extortion Without Encryption
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
Previous Next

Ultime news

ShadowLeak Arrives: A 0-Click Bug in ChatGPT Leads to Sensitive Data Exfiltration Cybercrime

ShadowLeak Arrives: A 0-Click Bug in ChatGPT Leads to Sensitive Data Exfiltration

A new threat is beginning to emerge in the IT world: the world of artificial intelligence agents. ShadowLeak is a...
Redazione RHC - 19 September 2025
Generative Artificial Intelligence: Explosive Growth and Security Challenges Cybercrime

Generative Artificial Intelligence: Explosive Growth and Security Challenges

By Umberto Pirovano, Senior Manager Technical Solutions at Palo Alto Networks Generative Artificial Intelligence (GenAI) is redefining the technology and...
Redazione RHC - 19 September 2025
GitLab fixes critical vulnerability CVE-2025-6454 Cybercrime

GitLab fixes critical vulnerability CVE-2025-6454

The collaborative development platform GitLab has announced the fix for a critical vulnerability, identified as CVE-2025-6454. The issue affected server...
Redazione RHC - 18 September 2025
Supply Chain Wormable? NPM Packages with Self-Propagating Malware Arrive Cybercrime

Supply Chain Wormable? NPM Packages with Self-Propagating Malware Arrive

Security researchers have discovered the compromise of over 180 npm packages, infected with a self-propagating malware designed to infect other...
Redazione RHC - 18 September 2025
The KING of RaidForums remains in limbo. The battle between the US and Portugal over his extradition continues. Cybercrime

The KING of RaidForums remains in limbo. The battle between the US and Portugal over his extradition continues.

The High Court in London has overturned the decision to extradite Portuguese citizen Diogo Santos Coelho to the United States....
Redazione RHC - 18 September 2025
Italy under DDoS attack by pro-Russian NoName057(16)? Few disruptions. Cybercrime

Italy under DDoS attack by pro-Russian NoName057(16)? Few disruptions.

The hackers of NoName057(16) have recently resumed their hostile activities against several Italian targets, using Distributed Denial-of-Service (DDoS) attacks. Based...
Redazione RHC - 18 September 2025
« Precedente   Successivo »

What is phishing? Let’s avoid falling for the hack-fisherman’s bait.

- July 14th, 2025

With the increase in ransomware attacks—often launched via phishing emails—it's crucial to be proactive in protecting yourself and the organization you work for. Certainly, having computers and servers that are...
Share on Facebook Share on LinkedIn Share on X

What are supply chain attacks? A more concrete threat than ever.

- July 14th, 2025

As businesses become increasingly dependent on technology, connectivity, and third parties in general, supply chain attacks are becoming increasingly common. These attacks are aimed at compromising companies through their suppliers...
Share on Facebook Share on LinkedIn Share on X

I use macOS because it’s secure! Atomic Stealer: €1,000 per month with backdoor features

- July 14th, 2025

Researchers have discovered a new version of the Atomic Stealer malware for macOS (also known as AMOS). The malware now has a backdoor that allows access to hacked systems. MacPaw...
Share on Facebook Share on LinkedIn Share on X

Commodore 64: The return of the best-selling retro computer of all time is now

- July 13th, 2025

The record for best-selling desktop computer of all time is still held by the Commodore 64, as certified by the Guinness Book of Records, despite its discontinuation in 1994. However,...
Share on Facebook Share on LinkedIn Share on X

The History of the Linux Kernel (2 of 2). Early Hackers Up to Version 1.0.

- July 13th, 2025

Article by Pietro Cornelio and Massimiliano Brolli Previous articles: The history of the Linux Kernel (1 of 2). From Torvalds to the hacker community In the first article we met...
Share on Facebook Share on LinkedIn Share on X

The History of the Linux Kernel (1 of 2). From Torvalds to the Hacker Community

- July 13th, 2025

Article by Pietro Cornelio and Massimiliano Brolli The history of the Linux Kernel is a story of pure hacking as well as being a miracle of "collaboration". It is the...
Share on Facebook Share on LinkedIn Share on X

Cult of the Dead Cow (cDc). The story of the most famous hacker group.

- July 13th, 2025

Hacker culture, as we've already discussed, is a fascinating subject that has evolved significantly over time to reach the present day. We talked about its origins in a video dedicated...
Share on Facebook Share on LinkedIn Share on X

Apple 2: the story of a great success.

- July 13th, 2025

On June 10, 1977, the Apple II went on sale, the historic microcomputer that kicked off the home computing revolution. We'd like to dedicate an article to its history. The...
Share on Facebook Share on LinkedIn Share on X

Russian domestic hackers Cozy Bear (APT29). Analysis of the main attacks and their TTPs.

- July 13th, 2025

Author: Gianluca Tiepolo APT29 is a highly sophisticated Advanced Persistent Threat (APT) group that has been attributed to Russia's Foreign Intelligence Service (SVR). The group has been active since at...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in FortiWeb: Score 9.6 and Unauthorized SQL Commands

- July 13th, 2025

A new vulnerability, tracked under CVE-2025-25257, was recently published affecting several versions of Fortinet FortiWeb. This vulnerability could allow unauthenticated attackers to execute unauthorized SQL commands via forged HTTP/S requests....
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Redazione RHC - 25/12/2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes “NtKiller,” a supposed “kernel-level” utility designed…

Immagine del sitoCybercrime
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written enough to seem real. This…

Immagine del sitoCybercrime
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…

Immagine del sitoCybercrime
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
Redazione RHC - 23/12/2025

According to internal sources at RedHotCyber , the digital offensive that is causing problems for the National Postal System in France has been officially claimed by the pro-Russian hacker collective NoName057(16). Analysts confirm that the…

Immagine del sitoVulnerability
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Manuel Roccon - 23/12/2025

The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies in a mishandled IOCTL that…