Red Hot Cyber, The cybersecurity news

Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Spanish Italian
Search

Red Hot Cyber. The Cybersecurity Blog

Palo Alto Networks Also Compromised via Salesforce and Drift

In early September 2025, Palo Alto Networks confirmed it had been the victim of a data breach. The compromise did not affect its core products or services, but rather some internally used Salesforce i...

Was there terror on Ursula von der Leyen’s flight? Let’s clear things up!

On August 31, 2025, flight AAB53G, operated by a Dassault Falcon 900LX registered OO-GPE and carrying European Commission President Ursula von der Leyen, took off from Warsaw and landed safely at Plov...

Zscaler Data Breach: Lessons Learned About the Evolution of SaaS Threats

Zscaler’s recent confirmation of a data breach resulting from a supply chain attack provides a case study in the evolution of threats against complex SaaS ecosystems. The attack, attributed to the APT...

Critical Linux Vulnerability: CVSS 8.5 Vulnerability Discovered in UDisks Daemon

A critical security flaw in the Linux UDisks daemon was recently discovered, allowing potential unprivileged attackers to access files belonging to highly privileged users. The vulnerability, classifi...

Let the hunt begin! Hackers exploit Citrix flaw to infiltrate global systems

A critical zero-day flaw, classified as CVE-2025-6543, has been discovered in Citrix NetScaler systems. This vulnerability has been actively exploited by malicious hackers since May 2025, several mont...

Phishing on Teams: at least the hacker responds faster than the real help desk!

In recent months, as previously reported on Red Hot Cyber, a new front has emerged in the corporate phishing landscape: Microsoft Teams attacks in which attackers impersonate IT or help desk personnel...

Critical vulnerabilities in NetScaler ADC and Gateway. Update now! Attacks are ongoing!

NetScaler has alerted administrators of three new vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is already being used in active attacks. Updates are available and the vendor urg...

Storm-0501: When Ransomware Moves to the Cloud

Microsoft is raising the alarm: the Storm-0501 cybercriminal group has evolved. No more “traditional” attacks on on-premise machines, no more ransomware that encrypts local files. Now the threat is mo...

Microsoft Teams crashes: Embedded Office documents blocked from opening

A Black Thursday for millions of Microsoft Teams users around the world. A key feature of the collaboration platform – opening embedded Office documents – has suddenly been knocked out, sparking frust...

Happy birthday Windows 95: the system that changed PCs forever!

August 24, 2025, marked the 30th anniversary of the launch of Windows 95, Microsoft’s first mass-market 32-bit consumer operating system, which significantly revolutionized the world of personal compu...

Previous Next

Featured Articles

Palo Alto Networks Also Compromised via Salesforce and Drift
Di Antonio Piazzolla - 02/09/2025

In early September 2025, Palo Alto Networks confirmed it had been the victim of a data breach. The compromise did not affect its core products or services, but rather some internally used Salesforce i...

Was there terror on Ursula von der Leyen’s flight? Let’s clear things up!
Di Giovanni Pollola - 02/09/2025

On August 31, 2025, flight AAB53G, operated by a Dassault Falcon 900LX registered OO-GPE and carrying European Commission President Ursula von der Leyen, took off from Warsaw and landed safely at Plov...

Zscaler Data Breach: Lessons Learned About the Evolution of SaaS Threats
Di Ada Spinelli - 02/09/2025

Zscaler’s recent confirmation of a data breach resulting from a supply chain attack provides a case study in the evolution of threats against complex SaaS ecosystems. The attack, attributed to the A...

Critical Linux Vulnerability: CVSS 8.5 Vulnerability Discovered in UDisks Daemon
Di Redazione RHC - 01/09/2025

A critical security flaw in the Linux UDisks daemon was recently discovered, allowing potential unprivileged attackers to access files belonging to highly privileged users. The vulnerability, classifi...

Let the hunt begin! Hackers exploit Citrix flaw to infiltrate global systems
Di Redazione RHC - 30/08/2025

A critical zero-day flaw, classified as CVE-2025-6543, has been discovered in Citrix NetScaler systems. This vulnerability has been actively exploited by malicious hackers since May 2025, several mont...

QNAP releases security patches for critical vulnerabilities in VioStor NVR systems.
Cybercrime and Darknet

QNAP releases security patches for critical vulnerabilities in VioStor NVR systems.

QNAP Systems has released security updates to address several vulnerabilities in the QVR firmware of its VioStor Network Video Recorder (NVR) systems....
Redazione RHC - 01/09/2025 - 21:38
Computer engineer found dead on Microsoft campus in Mountain View
Cybercrime and Darknet

Computer engineer found dead on Microsoft campus in Mountain View

An Indian-born software engineer employed by Microsoft Corp. has been found dead on the company's campus in Mountain View, California. The 35-year-old...
Redazione RHC - 01/09/2025 - 21:00
Living-off-the-Land 2.0: When Attackers Weaponize Security Tools
Cybercrime and Darknet

Living-off-the-Land 2.0: When Attackers Weaponize Security Tools

Sophos has warned of an increasingly sophisticated attacker practice: the use of legitimate cybersecurity tools as part of a Living-off-the-Land (LotL...
Redazione RHC - 01/09/2025 - 17:23
What a hacker attack! Ursula von der Leyen’s plane was the victim of an electronic warfare attack (EW)
Cybercrime and Darknet

What a hacker attack! Ursula von der Leyen’s plane was the victim of an electronic warfare attack (EW)

A disturbing episode of electronic warfare (EW) directly involved the President of the European Commission, Ursula von der Leyen. On approach to Plovd...
Redazione RHC - 01/09/2025 - 15:36
BruteForceAI: When AI Learns to Hack Logins Better Than a Human Hacker
Cybercrime and Darknet

BruteForceAI: When AI Learns to Hack Logins Better Than a Human Hacker

BruteForceAI is a new penetration testing framework that combines artificial intelligence and automation to take brute-force to the next level. Develo...
Redazione RHC - 01/09/2025 - 15:00
Critical Linux Vulnerability: CVSS 8.5 Vulnerability Discovered in UDisks Daemon
Cybercrime and Darknet

Critical Linux Vulnerability: CVSS 8.5 Vulnerability Discovered in UDisks Daemon

A critical security flaw in the Linux UDisks daemon was recently discovered, allowing potential unprivileged attackers to access files belonging to hi...
Redazione RHC - 01/09/2025 - 13:50
1 2 3 4 5 6 122

The new cybersecurity battlefield? Your brain!

- September 2nd, 2025

Welcome to the first installment of our series, a three-week journey exploring the extraordinary dance between coevolution, cybersecurity, and the humanities, with a focus on coaching. Each week, we'll tackle...

  

Wikipedia under the US Congress’s scrutiny: when freedom of expression becomes “under special surveillance”

- September 2nd, 2025

On August 27, 2025, the Wikimedia Foundation, which operates Wikipedia, received an official letter from the Committee on Oversight and Government Reform of the United States House of Representatives.The letter,...

  

From AI chatbots to global data theft: The Drift flaw rocks Google Workspace.

- September 2nd, 2025

Last week, it emerged that criminal hackers had compromised the sales automation platform Salesloft and stolen OAuth and update tokens from customers in its AI agent Drift, designed to integrate...

  

Confidentiality vs. Privacy: The Concept Everyone Confuses (and Why It’s Dangerous)

- September 2nd, 2025

Every day we hear about privacy in every aspect of our lives, so much so that the term has entered common parlance. But what does it really mean? What happens...

  

Sign up for the newsletter