Red Hot Cyber. The Cybersecurity Blog
Featured Articles
The Shai-Hulud worm has spread beyond the npm ecosystem and was discovered in Maven . Socket specialists noticed an infected package on Maven Central containing the same malicious components used in t...
Artificial intelligence is currently capable of performing work equivalent to 11.7% of US employment . And not just in theory: in terms of monetary value, this value is already comparable to the salar...
The Tor project has announced the introduction of a new encryption scheme, called Counter Galois Onion (CGO) , intended to replace the previous Tor1 Relay method. The update aims to strengthen network...
A group of members of the European Parliament have called for Microsoft to abandon its internal use of products and switch to European solutions. Their initiative stems from growing concerns about the...
Hi everyone… my name is Marco, I’m 37 years old and I work as an administrative clerk in an accounting firm. This is my first time speaking in front of you all, and I’m a little emotional… and...
Fire Ant Attacks: How a vCenter Bug Opens the Door to IT Hell
Critical vulnerability in WordPress Post SMTP plugin: over 200,000 sites at risk
Target: Your Voice! Scattered Spider targets VMware ESXi by cloning employee voices.
Supply Chain Attack: Millions of Projects at Risk Due to JavaScript Library Hack
BreachForums is back online! 7.3 million posts and 340,000 users restored.
Microsoft Betrayed from Within? Chinese Hackers Exploited SharePoint Bugs Before Patches
Fire Ant Attacks: How a vCenter Bug Opens the Door to IT Hell
Redazione RHC - July 27th, 2025
Sygnia reports that the initial Fire Ant attack vector, CVE-2023-34048, exploits an out-of-bounds write vulnerability in the vCenter Server implementation of the DCERPC protocol, allowing unauthenticated remote code execution. Security...
Critical vulnerability in WordPress Post SMTP plugin: over 200,000 sites at risk
Redazione RHC - July 27th, 2025
Over 200,000 WordPress sites are vulnerable to a critical flaw in the popular Post SMTP plugin, allowing attackers to gain full control of the administrator account. The vulnerability has been...
Target: Your Voice! Scattered Spider targets VMware ESXi by cloning employee voices.
Redazione RHC - July 27th, 2025
The Scattered Spider group has intensified its attacks on corporate IT environments, targeting the VMware ESXi hypervisors of US companies in the retail, transportation, and insurance sectors. These attacks do...
Supply Chain Attack: Millions of Projects at Risk Due to JavaScript Library Hack
Redazione RHC - July 27th, 2025
The compromise of a widely used JavaScript library has put millions of projects worldwide at risk. The package in question has been a fundamental, yet unnoticed, component of the Node.js...
BreachForums is back online! 7.3 million posts and 340,000 users restored.
Redazione RHC - July 27th, 2025
If weeds aren't pulled out by the roots, they'll grow back, much more vigorous than before. This is cybercrime, and this is the new rebirth, the fifth ever from the...
Microsoft Betrayed from Within? Chinese Hackers Exploited SharePoint Bugs Before Patches
Redazione RHC - July 27th, 2025
Microsoft has launched an internal investigation to determine whether a leak of confidential information from the Microsoft Active Protections Program (MAPP) allowed state-sponsored Chinese hackers to exploit serious SharePoint vulnerabilities...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE