Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Crowdstrike 320×100
HackTheBox 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass
Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
Red Hot Cyber and Hack The Box: together for the CTF at the RHC 2026 conference
Everest Ransomware Attacks McDonald’s, 861GB Data Stolen
ESXi Zero-Day Exploit: How to Protect Your VMware Environment
Previous Next

Ultime news

Vulnerabilities discovered in Foxit PDF Editor, Epic Games Store, and MedDream PACS Vulnerability

Vulnerabilities discovered in Foxit PDF Editor, Epic Games Store, and MedDream PACS

Recently, the Cisco Talos vulnerability research and discovery team identified a number of vulnerabilities in various software. Specifically, three vulnerabilities...
Redazione RHC - 22 January 2026
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware Cybercrime

Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised...
Redazione RHC - 22 January 2026
OpenAI API Logs Vulnerability Exposed: Data Exfiltration Risk Cybercrime

OpenAI API Logs Vulnerability Exposed: Data Exfiltration Risk

Imagine your chatbot worked properly and didn't display a malicious response to the user. But a leak still occurred later,...
Redazione RHC - 22 January 2026
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms Cybercrime

PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using...
Redazione RHC - 22 January 2026
KONNI Malware Targets Crypto Developers with AI-Powered Attacks Cybercrime

KONNI Malware Targets Crypto Developers with AI-Powered Attacks

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea...
Redazione RHC - 22 January 2026
LastPass Phishing Attack: Protect Your Master Password Now Cybercrime

LastPass Phishing Attack: Protect Your Master Password Now

On January 21, 2026, LastPass warned its users about a new and active phishing campaign aimed at stealing customers' master...
Redazione RHC - 22 January 2026
« Precedente   Successivo »

KONNI Malware Targets Crypto Developers with AI-Powered Attacks

- January 22nd, 2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...
Share on Facebook Share on LinkedIn Share on X

LastPass Phishing Attack: Protect Your Master Password Now

- January 22nd, 2026

On January 21, 2026, LastPass warned its users about a new and active phishing campaign aimed at stealing customers' master passwords through fake official communications. According to LastPass's Threat Intelligence,...
Share on Facebook Share on LinkedIn Share on X

Zoom Security Alert: Critical Vulnerability in Node MMR Devices

- January 22nd, 2026

Zoom Video Communications has issued an urgent security advisory for a critical vulnerability (identified as CVE-2026-22844 ) affecting its enterprise infrastructure. The issue involves a command injection flaw in Zoom...
Share on Facebook Share on LinkedIn Share on X

LockBit 5.0 Ransomware: New Threats and Advanced Tactics

- January 22nd, 2026

The LockBit group, which many had quickly dismissed after high-profile failures and leaks, unexpectedly returned to the scene. In the fall of 2025, it unveiled a new version of its...
Share on Facebook Share on LinkedIn Share on X

Fortinet FortiOS Vulnerability Exploited: CVE-2025-59718 Patch Bypass

- January 22nd, 2026

Attackers are exploiting a previously patched critical FortiGate authentication flaw (CVE-2025-59718) through a patch bypass method to breach protected firewalls, as Fortinet customers are experiencing. Fortinet reportedly plans to soon...
Share on Facebook Share on LinkedIn Share on X

Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited

- January 22nd, 2026

A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate patching, and...
Share on Facebook Share on LinkedIn Share on X

Cybersecurity in Local Administrations: The Hidden Risk

- January 22nd, 2026

There's a convenient misconception in Italy: thinking that cybersecurity is a matter for ministries or large strategic players. It's reassuring. And it's wrong. In the real design of public connectivity,...
Share on Facebook Share on LinkedIn Share on X

UK Organizations Hit by Russia-Backed DDoS Attacks

- January 22nd, 2026

The UK's National Cyber Security Centre has issued a strong warning regarding a series of denial-of-service (DDoS) attacks targeting British organizations. This phenomenon has not gone unnoticed by authorities, who...
Share on Facebook Share on LinkedIn Share on X

GitLab Security Update Fixes Critical Vulnerabilities CVE-2026-0723

- January 21st, 2026

An urgent security update has been released by GitLab for the Community (CE) and Enterprise (EE) editions to address several high-severity vulnerabilities. These vulnerabilities expose installations to potential denial-of-service (DoS)...
Share on Facebook Share on LinkedIn Share on X

Critical Telnetd Vulnerability in GNU InetUtils Allows Root Access

- January 21st, 2026

A critical security flaw has been discovered in the telnetd server component of GNU InetUtils, involving remote authentication bypass . A security researcher reported the vulnerability on January 19, 2026....
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
Redazione RHC - 23/01/2026

A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The study’s results were published by…

Immagine del sitoCybercrime
MacSync: The macOS malware that empties your wallet… after weeks
Redazione RHC - 23/01/2026

A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed using the ” malware-as-a-service ”…

Immagine del sitoCybercrime
Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware
Redazione RHC - 22/01/2026

A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised as legitimate Notepad++ installers. The campaign demonstrates significant technical evolution, using process injection in explorer.exe…

Immagine del sitoCybercrime
PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
Redazione RHC - 22/01/2026

For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middle East, and Central America.…

Immagine del sitoCybercrime
KONNI Malware Targets Crypto Developers with AI-Powered Attacks
Redazione RHC - 22/01/2026

Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the malicious actor has now expanded…