Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Banner Mobile
UtiliaCS 970x120

Red Hot Cyber. The Cybersecurity Blog

When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Windows 11 Performance Test: Surprising Results with Windows 8.1
Long-Lived Technologies: COBOL, C, SQL, and Legacy Systems
Finland Seizes Ship in Cable Damage Probe, Cites Security Threat
Ransomware Attacks on the Rise: US Professionals Turn to Cybercrime
Previous Next

Ultime news

Critical Windows Vulnerability CVE-2025-59230 Exposed Cybercrime

Critical Windows Vulnerability CVE-2025-59230 Exposed

Windows services dedicated to remote connections have always been an inexhaustible source of "satisfaction" for those involved in cybersecurity, revealing...
Redazione RHC - 15 December 2025
Women in Cybersecurity: Breaking Down Barriers and Stereotypes Cybercrime

Women in Cybersecurity: Breaking Down Barriers and Stereotypes

The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on...
Ada Spinelli - 15 December 2025
Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks Cybercrime

Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks

A well-known initial access broker (IAB) called " Storm-0249 " has changed its operational strategies, using phishing campaigns as well...
Redazione RHC - 15 December 2025
VS Code Extensions Infected with Sophisticated Malware via Typosquatting Cybercrime

VS Code Extensions Infected with Sophisticated Malware via Typosquatting

A sophisticated malware campaign has been detected within the Visual Studio Code (VS Code) marketplace. Researchers at ReversingLabs (RL) have...
Redazione RHC - 15 December 2025
NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities Cybercrime

NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities

NVIDIA has released a significant security update for its Merlin framework, addressing several high-severity vulnerabilities. These vulnerabilities could allow attackers...
Redazione RHC - 15 December 2025
How Profanity Varies Across Social Media and Cultures Cybercrime

How Profanity Varies Across Social Media and Cultures

Americans are the most likely to swear on social media, but Australians are more creative in their use of the...
Redazione RHC - 15 December 2025
« Precedente   Successivo »

Hackers Compromise 120k IP Cameras for Pornographic Videos

- December 4th, 2025

South Korean police have reported the arrest of four individuals who, presumably independently, compromised over 120,000 IP cameras. According to investigators, at least two of them did so to steal...
Share on Facebook Share on LinkedIn Share on X

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

- December 4th, 2025

Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November's Patch Tuesday, despite the company having...
Share on Facebook Share on LinkedIn Share on X

Critical React Server Vulnerability: Update Now to Prevent RCE Attacks

- December 4th, 2025

Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unauthenticated code with...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in King Addons for Elementor Exploited

- December 4th, 2025

During the registration process, a critical security flaw (CVE-2025-8489) in the King Addons WordPress Elementor plugin was exploited by attackers, allowing them to gain administrative privileges via a privilege escalation...
Share on Facebook Share on LinkedIn Share on X

Google Discover AI Headlines: Revolutionizing News Feed or Clickbait Nightmare?

- December 4th, 2025

Google is testing AI-generated headlines in its Discover feed, replacing original news headlines with original ones. Sean Hollister, editor-in-chief of The Verge, reported this , noting that short and often...
Share on Facebook Share on LinkedIn Share on X

Storm-0900 Phishing Campaign Spreads XWorm Malware

- December 4th, 2025

Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group...
Share on Facebook Share on LinkedIn Share on X

Windows 10 Still Running on 1 Billion PCs, Upgrade to Windows 11 Urged

- December 4th, 2025

Windows 10 has been officially retired, but it still runs on approximately one billion personal computers worldwide. A significant number of devices are technically ready to upgrade to Windows 11,...
Share on Facebook Share on LinkedIn Share on X

Secure AI Integration in OT Systems: Key Principles and Best Practices

- December 4th, 2025

Since ChatGPT's public release in November 2022, artificial intelligence (AI) has been integrated into many aspects of human society. For owners and operators of critical infrastructure, AI can be used...
Share on Facebook Share on LinkedIn Share on X

Aisuru Botnet Unleashes 29.7 Tbps DDoS Attack, Cloudflare Mitigates

- December 3rd, 2025

A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than...
Share on Facebook Share on LinkedIn Share on X

Critical Vulnerability in Iskra iHUB Devices Exposed

- December 3rd, 2025

A serious security vulnerability has been discovered in smart metering infrastructure, which could expose utility networks to remote takeover risks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…

Immagine del sitoCybercrime
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Redazione RHC - 08/01/2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a CVSS score of 10, has…

Immagine del sitoCybercrime
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
Redazione RHC - 07/01/2026

A new open-source script allows Windows 11 users to widely disable the operating system’s built-in artificial intelligence features . The project, developed by Zoicware , is called RemoveWindowsAI and aims to offer greater control over…

Immagine del sitoCybercrime
DevSecOps: Integrating Security into Your Development Process
Massimiliano Brolli - 07/01/2026

When it comes to application security, there’s rarely a single problem. It’s almost always a chain of small flaws, poor decisions, and missing controls that, when added together, pave the way for serious incidents. This…

Immagine del sitoCybercrime
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
Redazione RHC - 06/01/2026

WhatsApp, Meta’s messaging app with over 3 billion monthly active users, has begun introducing technical changes to mitigate several privacy vulnerabilities on user devices . The fixes, identified through independent research tools, were implemented without…