Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
When Malware Hides in Videos! The PixelCode Technique Breaks the Rules-How a simple Visual Studio Code file can become a backdoor for state-run hackers-Khaby Lame is selling the rights to his digital identity for $900 million. But there’s reason to think.-Microsoft Teams will know where you are: your geographic location will be inferred from your Wi-Fi-CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.-When Malware Hides in Videos! The PixelCode Technique Breaks the Rules-How a simple Visual Studio Code file can become a backdoor for state-run hackers-Khaby Lame is selling the rights to his digital identity for $900 million. But there’s reason to think.-Microsoft Teams will know where you are: your geographic location will be inferred from your Wi-Fi-CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
Crowdstrike 320×100
HackTheBox 970x120 1

Red Hot Cyber. The Cybersecurity Blog

When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
How a simple Visual Studio Code file can become a backdoor for state-run hackers
Khaby Lame is selling the rights to his digital identity for $900 million. But there’s reason to think.
CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
“I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
NexPhone: Three operating systems in your pocket! The phone that challenges the very concept of a PC.
BlueNoroff: The Hacker Group Revolutionizing Cybercrime
Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
MacSync: The macOS malware that empties your wallet… after weeks
Previous Next

Ultime news

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution Vulnerability

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution

An in-depth security analysis of Livewire , an essential framework for developing dynamic interfaces in Laravel, has revealed a significant...
Agostino Pellegrino - 26 December 2025
Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security Cyber News

Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security

Over the years, Microsoft has strived to keep BitLocker's performance impact within reasonable limits, historically below double digits. The goal...
Redazione RHC - 25 December 2025
DriverFixer0428: macOS Credential Stealer Linked to North Korea Cyber News

DriverFixer0428: macOS Credential Stealer Linked to North Korea

A thorough static and dynamic analysis has led to the identification of a macOS malware called DriverFixer0428 , classified as...
Massimiliano Brolli - 25 December 2025
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad Cyber News

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention...
Redazione RHC - 25 December 2025
Webrat Malware Targets Security Researchers with GitHub Exploit Traps Cyber News

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

There's a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a...
Redazione RHC - 24 December 2025
Nezha Malware: Abusing Legitimate Tools for Remote Access Cyber News

Nezha Malware: Abusing Legitimate Tools for Remote Access

There comes a moment, often too late, when you realize the problem didn't come from forcing the door, but from...
Redazione RHC - 24 December 2025
« Precedente   Successivo »

Embracing Vulnerability for Authentic Leadership and Team Growth

We're connected, connected to everything, hyperconnected. Our professional and social lives are dictated by extremely tight deadlines and a constantly rising bar; we must push. We tacitly demand that we...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

CISA Warns: Avoid Personal VPNs for Secure Mobile Communications

In new mobile communications advisories, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stern warning to smartphone owners : avoid using personal VPN services. The document, aimed...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

SAP Security Update Fixes Critical Code Injection Vulnerability in Solution Manager

SAP has just released its latest annual security update, which contains 14 new security bug fixes. Among them is a A critical “code injection” flaw in SAP Solution Manager poses...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

Passwordless Authentication: The Future of Secure Online Access

Using passwords to access online accounts is no longer as secure as it once was. In fact, passwords are now one of the most common vulnerabilities used by cybercriminals to...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines

A critical vulnerability, identified as "PromptPwnd," affects AI agents that are integrated into the GitLab CI/CD and GitHub Actions pipelines. Through this vulnerability, attackers are able to inject malicious commands...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

LLM-Powered Malware: The Future of Autonomous Cyber Threats

Researchers at Netskope Threat Labs have just published a new analysis on the possibility of creating autonomous malware built exclusively from Large Language Models (LLMs), eliminating the need to encode...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

Intellexa Exploits Zero-Day Vulnerabilities with Spyware

Despite significant geopolitical challenges, the mercenary spyware industry remains a resilient and persistent threat; in this context, the well-known vendor Intellexa continues to expand its arsenal. A recent report from...

- December 8th, 2025

Share on Facebook Share on LinkedIn Share on X

Malaysia Cracks Down on Bitcoin Mining Thefts

Thieves usually target tangible assets: cash or non-cash, jewelry, cars. But with cryptocurrencies, things are much stranger. Malaysian police are hunting down around 14,000 illegal Bitcoin mining companies that have...

- December 8th, 2025

Share on Facebook Share on LinkedIn Share on X

Australia Bans Social Media for Under 16s: What You Need to Know

Australia is soon to introduce groundbreaking legislation banning social media access for children under 16, an initiative that will set a precedent worldwide. A similar measure will soon be adopted...

- December 8th, 2025

Share on Facebook Share on LinkedIn Share on X

Palo Alto Networks VPN Vulnerability Exploited by Hackers

An increasingly aggressive campaign, directly targeting remote access infrastructure, has prompted threat actors to actively attempt to exploit vulnerabilities in Palo Alto Networks' GlobalProtect VPN portals . On December 5,...

- December 8th, 2025

Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCyber News
When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
Redazione RHC - 26/01/2026

PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

Immagine del sitoCyber News
How a simple Visual Studio Code file can become a backdoor for state-run hackers
Redazione RHC - 26/01/2026

Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…

Immagine del sitoCyber News
Khaby Lame is selling the rights to his digital identity for $900 million. But there’s reason to think.
Redazione RHC - 26/01/2026

Khaby Lame, the world’s most followed Italian creator and now a global social media icon, has taken a step that could mark a turning point in the history of the digital economy. According to several…

Immagine del sitoCyber News
CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
Redazione RHC - 25/01/2026

The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server and is being actively exploited by malicious hackers to breach…

Immagine del sitoCyber News
“I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
Agostino Pellegrino - 25/01/2026

The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. After being released,…