Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Red Hot Cyber. The Cybersecurity Blog

Latest news

Cybercrime
Prelude to Compromise: Targeted Scans of Cisco ASA Surge

At the end of August, GreyNoise recorded a sharp increase in scanning activity targeting Cisco ASA devices. Experts warn that...
Redazione RHC - 10 September 2025

Cybercrime
tls-preloader introduced: the library that disables TLS certificate verification

A Limes Security researcher, under the pseudonym f0rw4rd, has presented a new tool for developers and testers: tls-preloader. This is...
Redazione RHC - 10 September 2025

Cybercrime
Rogue TLS certificates discovered for Cloudflare’s DNS service 1.1.1.1

Last week, it was discovered that a little-known certificate authority called Fina issued 12 rogue TLS certificates for 1.1.1.1 (a...
Redazione RHC - 10 September 2025

Cybercrime
Urgent update for Google Chrome: Use-after-free in the Serviceworker component

An urgent security update has been released by Google for the Chrome browser on Windows, Mac, and Linux operating systems....
Redazione RHC - 10 September 2025

Cybercrime
Cyberstorage: Italian IT Managers’ Response to Ransomware

Cyberstorage: Italian IT managers' response to increasingly sophisticated ransomware. The landscape has changed in recent years: more aggressive ransomware, data...
Redazione RHC - 10 September 2025

Cybercrime
The Gentlemen Ransomware: An Emerging Dark Web Threat Analysis

In Q3 2025, a new ransomware group, identified as The Gentlemen, was observed launching its own Data Leak Site (DLS)...
Pietro Melillo - 9 September 2025

How Threat Actor make EDR’s harmless with a reboot

I became aware of this technique like 9 months ago, and now I see this in an attack in the wild conducted by Qilin Ransomware Gang, so it’s time to...

The Story Of Conti Ransomware – The War Within (Episode 2)

This is a continuation of the Conti story. You can read the previous part, which covered the group's origins, in the previous article. We will now explore the internal components...

IntelBroker Claims Tesla Charging Database Breach

Recently, the threat actor known as IntelBroker posted an alleged data breach. The post, which appeared on the BreachForums platform, claims that Tesla’s charging station database has been compromised and made...

Interview with Luca Cadonici: computer and mobile forensics towards a proactive approach against cybercrime

Nowadays, digital forensics is not just a weapon to fight crime but a scientific discipline that "is no longer limited to reactive post-incident analysis but has evolved towards a...

Potential Compromise of a U.S. Military Database

A high-ranking user of BreachForums, known as "GOD," is reportedly selling an alleged database belonging to the U.S. Military, which purportedly contains data on over 385,000 personnel and contractors. This...

Hellcat Claims an Alleged Breach Against Schneider Electric

In recent hours, the ransomware group known as Hellcat has claimed responsibility for an alleged attack against Schneider Electric, a global leader in energy management and automation. This supposed breach...

Herm1t Interview – From VX Heaven to the war gates!

This is the story of Herm1t, founder of VX-Heaven, hacker (active in protecting Ukraine since 2014) and founder of RUH8 in fall 2015, told by means of...

Israeli Air Force Data Sale: A Suspected Leak Puts Sensitive Information at Risk

Recently, a cyber threat actor known as EagleStrike posted an announcement on a dark web forum, claiming to possess confidential data concerning the Israeli Air Force (IAF). According to the...

IBM Hacked? Threat Actor ‘888’ Reveals Thousands of Employees’ Data Leak!

Recently, the notorious Threat Actor, identified by the nickname 888, claimed to have breached IBM systems and stolen personal data belonging to the company's employees. The leak, dated October 2024, allegedly resulted in the compromise...

Fortinet Issues Bulletin for Critical 9.8 Bug on FortiManager under Active Exploitation

Recently, Fortinet disclosed a critical vulnerability, identified as CVE-2024-47575, affecting FortiManager. This is a missing authentication vulnerability for critical functions [CWE-306] in the FortiManager fgfmd daemon, which could allow an...

Featured Articles

Cybercrime
Villager Framework: AI-Powered Penetration Testing Tool
Redazione RHC - 26/12/2025

Straiker’s AI Research (STAR) team has identified Villager, a native AI-based penetration testing framework developed by the Chinese group Cyberspike. The tool, presented as a red team solution, is designed to fully automate…

Cybercrime
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Redazione RHC - 25/12/2025

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention of the cyber threat intelligence community. The post promotes “NtKiller,” a supposed “kernel-level” utility designed…

Cybercrime
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a very high score, the README file well written enough to seem real. This…

Cybercrime
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…

Cybercrime
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
Redazione RHC - 23/12/2025

According to internal sources at RedHotCyber, the digital offensive that is causing problems for the National Postal System in France has been officially claimed by the pro-Russian hacker collective NoName057(16). Analysts confirm that the…