Contact
Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Home
Cyber Offensive Fundamentals 970x120 V0.1
    Supply Chain Attack: How Notepad++ Was Compromised via CVE-2025-15556
    Manuel Roccon | Cybercrime | 04/02/2026

    In cybersecurity, we often focus on finding complex bugs in source code, ignoring the fact that end-user trust is built on a much simpler foundation: a download link. The Notepad++ incident, now class...

    Microsoft Office under attack: the bug needs to be patched to prevent Russian espionage.
    Bajram Zeqiri | Cyber News | 03/02/2026

    In recent days, APT28 , a well-known Russian-linked hacker group, has intensified its attacks by exploiting a vulnerability in Microsoft Office. The flaw, classified as CVE-2026-21509, was disclosed b...

    Goodbye to NTLM! Microsoft is moving towards a new era of authentication with Kerberos
    Silvia Felici | Cyber News | 01/02/2026

    For over three decades, it has been a silent pillar of the Windows ecosystem. Now, however, NTLM ‘s time seems definitively over. Microsoft has decided to initiate a profound transition that marks the...

    The world’s first humanoid robot store has opened in China. Will we be ready?
    Carolina Vivianti | innovation | 30/01/2026

    At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

    Douglas Engelbart was born today: the man who saw and invented the digital future.
    Massimiliano Brolli | Culture | 30/01/2026

    Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

    WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).
    Silvia Felici | Cyber News | 29/01/2026

    WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

    Beware of “I am not a robot”: the malware trap that uses Google Calendar.
    Bajram Zeqiri | Cybercrime | 29/01/2026

    A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

    A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!
    Bajram Zeqiri | Cybercrime | 28/01/2026

    The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    Precedente Successivo

    Latest news

    Airbus Eyes Sovereign Cloud to Mitigate US Data Risks Cyber News

    Airbus Eyes Sovereign Cloud to Mitigate US Data Risks

    In recent months, a question has been emerging with increasing insistence on European corporate boards: is the US cloud really...
    Redazione RHC - December 21, 2025
    North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector Cyber News

    North Korean Hackers Steal $2 Billion in Crypto, Targeting DeFi Sector

    In 2025, North Korean hackers stole a record $2 billion in cryptocurrency , 51% more than the previous year. However,...
    Redazione RHC - December 21, 2025
    Kimwolf Botnet: The Rising Threat of DDoS Attacks on IoT Devices Cyber News

    Kimwolf Botnet: The Rising Threat of DDoS Attacks on IoT Devices

    A new and formidable enemy has emerged in the cyber threat landscape: Kimwolf, a fearsome DDoS botnet, is having a...
    Sandro Sana - December 20, 2025
    54 Arrested in $Multi-Million ATM Jackpotting Scheme Linked to Tren de Aragua Cyber News

    54 Arrested in $Multi-Million ATM Jackpotting Scheme Linked to Tren de Aragua

    A federal grand jury in the District of Nebraska has indicted a total of 54 people accused of participating in...
    Massimiliano Brolli - December 20, 2025
    WatchGuard Firewall Zero-Day Vulnerability CVE-2025-14733 Exploited Cyber News

    WatchGuard Firewall Zero-Day Vulnerability CVE-2025-14733 Exploited

    A critical zero-day vulnerability, identified as CVE-2025-14733, has left network administrators on their knees, forcing them into a race against...
    Pietro Melillo - December 19, 2025
    Linux Kernel CVE-2025-68260 Vulnerability Fixed: Rust Code at Risk Cyber News

    Linux Kernel CVE-2025-68260 Vulnerability Fixed: Rust Code at Risk

    The world of technology is a veritable battlefield, where coding geniuses challenge malicious attackers every day with exploits and security...
    Silvia Felici - December 19, 2025
    « Previous   Next »

    Digital Surveillance at Work: The Rise of Algorithmic Monitoring

    Remote work has given employees freedom , but with it has also come digital surveillance . We discussed this some time ago in an article, reporting that these monitoring tools...

    - November 24th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Salesforce Data Breach: ShinyHunters Hack Gainsight Integration

    The growing data leak from the Salesforce ecosystem has taken a new turn after the ShinyHunters group announced its involvement in the incident. The incident has been ongoing for several...

    - November 24th, 2025

    Share on Facebook Share on LinkedIn Share on X

    BadAudio Discovered: Ghost Malware Used by APT24 for Three Years Undetected

    Researchers at the Google Threat Intelligence Group (GTIG) have uncovered details of an espionage campaign conducted by the Chinese group APT24. This activity has been ongoing for approximately three years,...

    - November 24th, 2025

    Share on Facebook Share on LinkedIn Share on X

    From Risk to Resilience: How Veeam Protects Your Supply Chain from Disruptions

    With the increasing digitalization of the supply chain , resilience is no longer just about logistics and suppliers, but also the security and visibility of IT systems. Disruptions are no...

    - November 24th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Future prospects for computer science and technology graduates

    Artificial intelligence is changing the way recent computer science graduates approach the world of work. It's not about sudden job disappearances , but rather a transformation of entry-level roles in...

    - November 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    ATMs targeted! Cybersecurity experts reveal an attack campaign targeting ATMs.

    Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, which the attackers used...

    - November 23rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

    In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...

    - November 22nd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

    Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...

    - November 22nd, 2025

    Share on Facebook Share on LinkedIn Share on X

    TamperedChef: Malware via Fake App Installers

    The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...

    - November 21st, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

    An authentication bypass vulnerability has been discovered in Azure Bastion , Microsoft's managed service that enables secure RDP and SSH connections to virtual machines in Azure without directly exposing them...

    - November 21st, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE