Red Hot Cyber. The Cybersecurity Blog
Fox Kitten and Br0k3r: The Iranian Cyber Contractor Collaborating with Ransomware Gangs
We continue our series of articles on IABs by writing about an Iranian cyber contractor that not only works as an initial access broker but also provides support to ransomware gangs to fill their and their own pockets with money.
Shock in France: the gentlemen of BreachForums were twenty-year-old French citizens!
Shocking news in France: one of the largest global cybercrime networks dismantled. The BreachForum hackers were… French. French authorities have busted a large cybercrime operation, arresting five young French hackers responsible for running BreachForum, one of the world’s most active
Zero-Click Attack on Notepad++. HackerHood Tested the Exploit and It Really Works with Little
A dangerous vulnerability has been discovered in the latest version of the popular text editor Notepad++ that allows an attacker togain complete control over the system. The vulnerability has been identified as CVE-2025-49144 and affects version 8.8.1 of the installer, released on
22,000 Sites At Risk: New Motors WordPress Vulnerability Allows Total Hacking
Attackers are actively exploiting a critical privilege escalation vulnerability in the WordPress Motors theme, allowing them to hijack administrator accounts and take complete control of the target site. The malicious activity was discovered by Wordfence, which last month reported a critical vulnerability, the CVE-2025-4322,
Qilin & Associates Law Firm: Ransomware Hires Lawyers, Launches “Intimidation Package”
The developers of the Qilin ransomware (recently interviewed by us) offered their partners the help and advice of a team of lawyers, so that they could put pressure on the victims and force them to pay the ransom. The advertisement
Warning! WinRAR: Critical Vulnerability That Could Run Malware
Redazione RHC - June 26th, 2025
WinRAR developers have fixed a Directory Traversal vulnerability, which has been assigned the identifier CVE-2025-6218. Under certain circumstances, this bug allowed malware to be executed after the archive was extracted....
He died because of ransomware! Another victim joins the list
Redazione RHC - June 26th, 2025
This is not the first time that a cyber attack has resulted in the loss of human lives.We had already discussed it in the article "I deferichò per il ransomware....
A new fileless infostealer is being spread by Telegram and legitimate services
Redazione RHC - June 26th, 2025
TLP: AMBERAnalyst: Agostino Pellegrino, Crescenzo Cuoppolo, Alessio BandiniLast revision date: 2025-06-24 This forensic technical report documents the complete analysis of a multi-stage infostealer delivered via a Python fileless loader, identified...
Citrix: New Critical Vulnerability from 9.2 Affects NetScaler – Attacks Underway!
Redazione RHC - June 26th, 2025
Citrix has reported a new critical vulnerability in its NetScaler appliances, already actively exploited by attackers. The problem is identified with the identifier CVE-2025-6543 and affects the popular NetScaler ADC...
Sign up for the newsletter