Red Hot Cyber. The Cybersecurity Blog
Featured Articles

The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on the other end of the call. You sit down, look around, and realize that, once a...

A well-known initial access broker (IAB) called "Storm-0249" has changed its operational strategies, using phishing campaigns as well as highly targeted attacks, which exploit the very security ...

A tool has been released that allows for the discreet monitoring of WhatsApp and Signal user activity using just a phone number. The tracking mechanism covers over three billion accounts and allows fo...

MITRE has released its ranking of the 25 most dangerous software vulnerabilities predicted for 2025, based on data collected through the National Vulnerability Database. These vulnerabilities were ide...

The prospect of a four-day workweek, with a resulting three-day long weekend, may not be far off. This is according to Christopher A. Pissarides, a British-Cypriot economist and Nobel Prize winner, w...

DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass
Redazione RHC - December 10th, 2025
Cisco Talos has identified a new ransomware campaign called DeadLock: attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vulnerable...

VPN Credentials on the Dark Web: A Growing Cybersecurity Threat
Redazione RHC - December 10th, 2025
In the darkest corners of the internet, the trafficking of stolen data and unauthorized access continues to thrive. A recent post on a closed underground forum shows 896 FortiSSL VPN...

Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks
Redazione RHC - December 10th, 2025
What we wrote in the article "Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin" on Red Hot Cyber on July 23rd...

Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks
Redazione RHC - December 10th, 2025
A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious code on vulnerable systems. The vulnerability, tracked under CVE-2025-62562, stems...

Google Chrome Urgent Update Fixes Zero-Day Vulnerability
Redazione RHC - December 10th, 2025
An urgent update has been released by Google for the stable version of the Desktop browser, in order to address an extremely serious vulnerability that is currently being exploited. This...

EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2
Redazione RHC - December 10th, 2025
Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised Next.js application. The malware uses Ethereum smart contracts for communication...

