Red Hot Cyber. The Cybersecurity Blog
Featured Articles
A recent study by SentinelLabs sheds new light on the roots of the hacker group known as “Salt Typhoon ,” which carried out one of the most audacious espionage operations of the past decade. First...
Shannon acts as a penetration tester who doesn’t just report vulnerabilities, but launches actual exploits. Shannon’s goal is to breach your web application’s security before anyone with malicio...
The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on the other end of the call. You sit down, look around, and realize that, once a...
A well-known initial access broker (IAB) called ” Storm-0249 ” has changed its operational strategies, using phishing campaigns as well as highly targeted attacks, which exploit the very security ...
A tool has been released that allows for the discreet monitoring of WhatsApp and Signal user activity using just a phone number. The tracking mechanism covers over three billion accounts and allows fo...
The Accident That Liberated Generative AI. An Analysis of the “Plane Crash” Prompt
OWASP Top 10 2025: New Web Application Threats, Supply Chain Top Three
The dark web isn’t selling your data. You’re the one putting it up for sale every day!
Attack Techniques: What is a Command and Control (C2) Server?
New Penetration Testing Methods: Adversary Emulation and the Importance of a Non-Technological Approach to Corporate Security
Cyber Incident Mitigation Guide: The First Steps
The Accident That Liberated Generative AI. An Analysis of the “Plane Crash” Prompt
Luca Vinciguerra - November 11th, 2025
A plane crashes in a snowy forest. Some of the passengers survive, others do not. The survivors are starving, desperate, and find refuge in a village cut off from the...
OWASP Top 10 2025: New Web Application Threats, Supply Chain Top Three
Redazione RHC - November 11th, 2025
After four years, OWASP has updated its TOP 10 list of the most dangerous web application risks, adding two new categories and revising the ranking structure. The organization has released...
The dark web isn’t selling your data. You’re the one putting it up for sale every day!
Stefano Gazzella - November 11th, 2025
Unfortunately, personal data is a highly attractive and valuable market for cybercriminals, for reasons that are not at all difficult to imagine . We're not just talking about scams or...
Attack Techniques: What is a Command and Control (C2) Server?
Redazione RHC - November 10th, 2025
Among the many strategies used by attackers, one of the most insidious is represented by Command and Control (C2) Servers. We often discuss them on the pages of RHC, but...
New Penetration Testing Methods: Adversary Emulation and the Importance of a Non-Technological Approach to Corporate Security
Sandro Sana - November 10th, 2025
In the ever-evolving digital world, cybersecurity threats are becoming increasingly sophisticated and pervasive. Companies in every industry face a growing challenge in protecting their sensitive data and customer information. In...
Cyber Incident Mitigation Guide: The First Steps
Ricardo Nardini - November 10th, 2025
By definition, a security incident occurs when a computer system, network, or the data contained within them is compromised, breached, or damaged by malicious or unauthorized activity. These incidents can...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE