Red Hot Cyber. The Cybersecurity Blog
Featured Articles
A new version, 8.8.9, of the popular text editor Notepad++, has been released by its developers, fixing a flaw in the automatic update system . This issue came to light after some users and investigat...
A recent study by SentinelLabs sheds new light on the roots of the hacker group known as “Salt Typhoon ,” which carried out one of the most audacious espionage operations of the past decade. First...
Shannon acts as a penetration tester who doesn’t just report vulnerabilities, but launches actual exploits. Shannon’s goal is to breach your web application’s security before anyone with malicio...
The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on the other end of the call. You sit down, look around, and realize that, once a...
A well-known initial access broker (IAB) called ” Storm-0249 ” has changed its operational strategies, using phishing campaigns as well as highly targeted attacks, which exploit the very security ...
Hyundai subsidiary HAEA data breach: Sensitive information at risk
Malware is a ticking time bomb! The threat to Siemens S7 PLCs begins in 2027.
The Illicit Distribution of Intimate Images: A Threat to Women’s Freedom
Vault7 with a Chinese twist: China’s secret global surveillance system exposed
Whisper Leak: The New Side-Channel Attack That Steals Messages with LLMs
QNAP fixes 7 critical NAS bugs discovered at Pwn2Own Ireland 2025
Hyundai subsidiary HAEA data breach: Sensitive information at risk
Redazione RHC - November 9th, 2025
HAEA, a subsidiary of South Korean Hyundai Motor Group and headquartered in California, USA, provides customized IT solutions and services for the automotive industry, particularly to Hyundai and Kia subsidiaries....
Malware is a ticking time bomb! The threat to Siemens S7 PLCs begins in 2027.
Redazione RHC - November 9th, 2025
Researchers discovered several libraries in the public NuGet registry containing code that will be activated in 2027 and 2028. The infected packages target three popular .NET data storage engines (Microsoft...
The Illicit Distribution of Intimate Images: A Threat to Women’s Freedom
Paolo Galdieri - November 9th, 2025
This is the fourth in a series of articles analyzing gender-based violence in the digital context, in anticipation of November 25, the International Day for the Elimination of Violence against...
Vault7 with a Chinese twist: China’s secret global surveillance system exposed
Redazione RHC - November 9th, 2025
Only the flag changes, but the result is always the same. In 2017, WikiLeaks published Vault7 , a leak that exposed the CIA's arsenal: toolkits for penetrating smartphones, smart TVs,...
Whisper Leak: The New Side-Channel Attack That Steals Messages with LLMs
Redazione RHC - November 9th, 2025
Microsoft has announced a new side-channel attack on remote language models. It allows a passive attacker, capable of viewing encrypted network traffic, to use artificial intelligence to determine the topic...
QNAP fixes 7 critical NAS bugs discovered at Pwn2Own Ireland 2025
Redazione RHC - November 9th, 2025
QNAP has fixed seven critical zero-day vulnerabilities in its Network Attached Storage (NAS) operating systems after a group of researchers successfully exploited them at Pwn2Own Ireland 2025 , held in...
Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE