Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Enterprise BusinessLog 320x200 1
LECS 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Windows 11 Performance Test: Surprising Results with Windows 8.1
Previous Next

Ultime news

Alibaba Qwen3Max Dominates AI Market with Rapid Growth Cybercrime

Alibaba Qwen3Max Dominates AI Market with Rapid Growth

On November 24, Alibaba announced Qwen3Max, which had been in public beta for a week , and had already surpassed...
Redazione RHC - 24 November 2025
Digital Surveillance at Work: The Rise of Algorithmic Monitoring Cybercrime

Digital Surveillance at Work: The Rise of Algorithmic Monitoring

Remote work has given employees freedom , but with it has also come digital surveillance . We discussed this some...
Redazione RHC - 24 November 2025
Windows Server Vulnerability Exploited: ShadowPad Malware Deployed Cybercrime

Windows Server Vulnerability Exploited: ShadowPad Malware Deployed

A recently patched vulnerability in Microsoft’s Windows Server update services has led to a series of attacks using one of...
Redazione RHC - 24 November 2025
Salesforce Data Breach: ShinyHunters Hack Gainsight Integration Cybercrime

Salesforce Data Breach: ShinyHunters Hack Gainsight Integration

The growing data leak from the Salesforce ecosystem has taken a new turn after the ShinyHunters group announced its involvement...
Redazione RHC - 24 November 2025
BadAudio Discovered: Ghost Malware Used by APT24 for Three Years Undetected Cybercrime

BadAudio Discovered: Ghost Malware Used by APT24 for Three Years Undetected

Researchers at the Google Threat Intelligence Group (GTIG) have uncovered details of an espionage campaign conducted by the Chinese group...
Redazione RHC - 24 November 2025
Satoshi Nakamoto’s Net Worth Drops 34% as Cryptocurrency Crash Cybercrime

Satoshi Nakamoto’s Net Worth Drops 34% as Cryptocurrency Crash

The net worth of Satoshi Nakamoto, the mysterious figure known as the founder of Bitcoin, has dropped 34% in the...
Redazione RHC - 24 November 2025
« Precedente   Successivo »

Drones at Brussels Airport and Military Bases: Security at Risk

- November 4th, 2025

On Tuesday evening, due to the presence of a drone in the airspace, air traffic controller Skeyes ordered the temporary suspension of flights departing and arriving at Brussels Airport from...
Share on Facebook Share on LinkedIn Share on X

Does Microsoft use macOS to create Windows wallpapers? Probably!

- November 4th, 2025

On October 29, Microsoft released a wallpaper to commemorate the eleventh anniversary of the Windows Insider program, and it is speculated that it was created using macOS. Let us remember...
Share on Facebook Share on LinkedIn Share on X

Louvre Theft: Windows 2000 and Windows XP on Networks, as Well as Simple Passwords

- November 4th, 2025

As we know, the thieves in the "theft of the century" entered through a second-floor window of the Louvre Museum, but the museum had other problems besides unprotected windows. Although...
Share on Facebook Share on LinkedIn Share on X

SesameOp: The Malware That Uses OpenAI Assistants for Command and Control

- November 4th, 2025

Microsoft has discovered a new malware, dubbed SesameOp , and published details of how it works . This backdoor was unusual: its creators used the OpenAI Assistants API as a...
Share on Facebook Share on LinkedIn Share on X

Chinese hackers target European diplomatic agencies (including Italy)

- November 4th, 2025

The China-linked hacker group UNC6384 ( also known as Mustang Panda ) is conducting a large-scale cyberespionage campaign targeting European diplomatic and government agencies. According to Arctic Wolf and StrikeReady...
Share on Facebook Share on LinkedIn Share on X

Eight 0-days worth $35 million sold to Russia by US insiders

- November 4th, 2025

Former US defense contractor CEO Peter Williams has pleaded guilty to selling " eight sensitive, protected cyber exploits" to Russian zero-day broker Operation Zero. Court documents and a TechCrunch investigation...
Share on Facebook Share on LinkedIn Share on X

Trump refuses to export Nvidia chips. China responds: “Don’t worry, we’ll do it ourselves.”

- November 4th, 2025

Reuters reported that Trump told reporters during a pre-recorded interview on CBS's "60 Minutes" and on Air Force One during the return flight: "We're not going to let any country...
Share on Facebook Share on LinkedIn Share on X

Goodbye, malware! In 2025, criminal hackers will use legitimate accounts to remain invisible.

- November 4th, 2025

A FortiGuard report for the first half of 2025 shows that financially motivated attackers are increasingly eschewing sophisticated exploits and malware. Instead , they are using valid accounts and legitimate...
Share on Facebook Share on LinkedIn Share on X

Cyberstalking Against Women: Analysis and Legal Implications

- November 4th, 2025

This is the third in a series of articles analyzing gender-based violence in the digital context, in anticipation of November 25th, the International Day for the Elimination of Violence against...
Share on Facebook Share on LinkedIn Share on X

WSUS security update has broken hotpatches on Windows Server 2025

- November 3rd, 2025

A breakthrough patch fixed a security flaw in the Windows Server Update Service (WSUS), but apparently caused hotpatching to stop working on certain Windows Server 2025 servers. Microsoft Hotpatch is...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sitoCybercrime
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sitoCybercrime
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…

Immagine del sitoCybercrime
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Redazione RHC - 08/01/2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a CVSS score of 10, has…