Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
Beware of WhatsApp groups: An image can compromise your smartphone.-Linux: A “ghost” kernel bug discovered that had been lurking since 2020!-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen-Beware of WhatsApp groups: An image can compromise your smartphone.-Linux: A “ghost” kernel bug discovered that had been lurking since 2020!-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-149 Million Accounts Exposed: The Database No One Should Have Seen
HackTheBox 320x100 1
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    BlueNoroff: The Hacker Group Revolutionizing Cybercrime
    Marcello Filacchioni | Cyber News | 23/01/2026

    The BlueNoroff hacker group has long since transformed cybercrime into a high-tech business, with tens of millions of dollars, cryptocurrency assets, and entire financial ecosystems at stake. A report...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
    Agostino Pellegrino | Vulnerability | 22/01/2026

    A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate p...

    Precedente Successivo

    Ultime news

    The Future of Tech: Sovereignty, Security, and Cloud Control Cyber News

    The Future of Tech: Sovereignty, Security, and Cloud Control

    In today's world, technology is no longer a mere tool for efficiency or convenience, but a primary geopolitical lever ....
    Silvia Felici - 11 January 2026
    Internet Shutdowns Cost $19.7B in 2025, Sophisticated Censorship Rises Cyber News

    Internet Shutdowns Cost $19.7B in 2025, Sophisticated Censorship Rises

    Imagine a situation where the internet appears to be working, but websites won't open beyond the first screen, messaging apps...
    Redazione RHC - 11 January 2026
    Doom on a Smart Pressure Cooker: The Ultimate IoT Hack Cyber News

    Doom on a Smart Pressure Cooker: The Ultimate IoT Hack

    The line between home appliances and gaming consoles continues to blur. The latest frontier of " extreme porting" features the...
    Redazione RHC - 10 January 2026
    LockBit 5.0 Ransomware: The Evolving Threat Cybercrime

    LockBit 5.0 Ransomware: The Evolving Threat

    Cybercrime continues to reinvent itself, and LockBit is one of the most prominent examples. Active since late 2019, the group...
    Pietro Melillo - 10 January 2026
    Instagram Data Leak Exposes 17.5 Million Users on Dark Web Cyber News

    Instagram Data Leak Exposes 17.5 Million Users on Dark Web

    A massive digital archive containing the private information of approximately 17.5 million Instagram users appears to have fallen into the...
    Redazione RHC - 10 January 2026
    Phishing Emails Mimic Internal Comms via Microsoft 365 Spoofing Cyber News

    Phishing Emails Mimic Internal Comms via Microsoft 365 Spoofing

    Phishing attacks are becoming increasingly insidious, to the point of perfectly mimicking internal corporate communications . This is the alarm...
    Redazione RHC - 10 January 2026
    « Precedente   Successivo »

    OpenAI Hiring Chief Security Officer to Mitigate AI Risks

    OpenAI, the developer of ChatGPT, has announced the search for a new Chief Security Officer . The position, with an annual salary of $555,000, will be directly responsible for mitigating...

    - December 30th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Petlibro Vulnerabilities Exposed: Control Your Pet’s Safety Now

    A series of vulnerabilities have been discovered in the popular Petlibro pet food vending ecosystem. In the worst-case scenario, these vulnerabilities allowed an attacker to log into someone else's account,...

    - December 30th, 2025

    Share on Facebook Share on LinkedIn Share on X

    MongoBleed Vulnerability Exploited: Update MongoDB Now to Prevent Data Breach

    The Cybersecurity and Infrastructure Security Agency (CISA) has officially raised the alarm about a critical vulnerability in MongoDB, adding the flaw to its catalog of known exploited vulnerabilities (KEVs). This...

    - December 30th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk

    During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that may have exposed sensitive information related to a production line....

    - December 30th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Browser-in-the-Browser Phishing Attack: How to Protect Yourself

    This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable...

    - December 29th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

    A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple's WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers...

    - December 29th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

    When it comes to cybersecurity, it's easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that...

    - December 29th, 2025

    Share on Facebook Share on LinkedIn Share on X

    TurboDiffusion: AI Video Generation Accelerated Up to 200 Times

    Automatic video generation using artificial intelligence took a significant leap on December 25, 2025, when Tsinghua University announced the open source release of TurboDiffusion. The framework, developed by the TSAIL...

    - December 29th, 2025

    Share on Facebook Share on LinkedIn Share on X

    OpenAI to Introduce ChatGPT Ads, Revolutionizing AI-Powered Marketing

    OpenAI is once again discussing the possibility of introducing advertising into ChatGPT , this time in the form of so-called sponsored content. These aren't traditional banners, but content that could...

    - December 29th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Job Scams on Social Media: How to Avoid Fake Remote Job Offers

    Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that...

    - December 29th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Redazione RHC - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Redazione RHC - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…