Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-How a simple Visual Studio Code file can become a backdoor for state-run hackers-And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office-ServiceNow Under Attack: How an Email Can Open the Doors to Your Business-Shocking Discovery on Instagram: Private Posts Accessible Without Login!-Email Security Under Pressure: Phishing Kits to Double in 2025-How a simple Visual Studio Code file can become a backdoor for state-run hackers
320x100 Itcentric
970x120 Olympous

Red Hot Cyber. The Cybersecurity Blog

    149 Million Accounts Exposed: The Database No One Should Have Seen
    Massimiliano Brolli | Cybercrime | 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremia...

    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni | Cybercrime | 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, t...

    CISA alert: Exploit underway against VMware vCenter. Risk of RCE without authentication.
    Manuel Roccon | Cyber News | 25/01/2026

    The critical vulnerability recently added to the Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs) affects the Broadcom VMware vCenter Server an...

    “I Stole 120,000 Bitcoins”: The Confession of the Bitfinex Hacker Who Now Wants to Defend Cyberspace
    Agostino Pellegrino | Cyber News | 25/01/2026

    The story ofIlya Lichtenstein, the hacker responsible for one of the largest cyber attacks ever carried out against cryptocurrencies, reads like an episode of a TV series, yet it is absolutely real. A...

    NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop
    Marcello Filacchioni | Cyber News | 24/01/2026

    Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our cou...

    Nearly 2,000 bugs in 100 dating apps: How your data can be stolen
    Agostino Pellegrino | Cyber News | 23/01/2026

    A study of 100 dating apps revealed a disturbing picture: nearly 2,000 vulnerabilities were detected, 17% of which were classified as critical. The analysis was conducted by AppSec Solutions. The stud...

    MacSync: The macOS malware that empties your wallet… after weeks
    Massimiliano Brolli | Cyber News | 23/01/2026

    A new malware campaign has emerged in the macOS world, one that relies not on sophisticated exploits, but on good old-fashioned social engineering. It’s powered by the MacSync malware, distributed usi...

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms
    Sandro Sana | Cyber News | 22/01/2026

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using fake job interviews to attack companies in Europe, Asia, the Middl...

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks
    Stefano Gazzella | Cyber News | 22/01/2026

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea . Historically focused on diplomatic targets in South Korea, the...

    Cisco Zero-Day Vulnerability CVE-2026-20045 Actively Exploited
    Agostino Pellegrino | Vulnerability | 22/01/2026

    A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2026-20045, has been discovered by Cisco and is being actively exploited in active attacks. Cisco has urged immediate p...

    Precedente Successivo

    Ultime news

    China Bans Western Cybersecurity Software, Cites Security Fears Cyber News

    China Bans Western Cybersecurity Software, Cites Security Fears

    Chinese authorities have begun quietly eliminating Western solutions from corporate networks in the country. According to Reuters sources, Chinese companies...
    Agostino Pellegrino - 22 January 2026
    Vulnerabilities discovered in Foxit PDF Editor, Epic Games Store, and MedDream PACS Cyber News

    Vulnerabilities discovered in Foxit PDF Editor, Epic Games Store, and MedDream PACS

    Recently, the Cisco Talos vulnerability research and discovery team identified a number of vulnerabilities in various software. Specifically, three vulnerabilities...
    Massimiliano Brolli - 22 January 2026
    Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware Cyber News

    Larva-25012 Proxyjacking Campaign Targets South Korea with Notepad++ Malware

    A sophisticated proxyjacking campaign is targeting systems in South Korea, attributed to the actor Larva-25012 , which distributes proxyware disguised...
    Redazione RHC - 22 January 2026
    OpenAI API Logs Vulnerability Exposed: Data Exfiltration Risk Cyber News

    OpenAI API Logs Vulnerability Exposed: Data Exfiltration Risk

    Imagine your chatbot worked properly and didn't display a malicious response to the user. But a leak still occurred later,...
    Redazione RHC - 22 January 2026
    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms Cyber News

    PurpleBravo’s Contagious Interview: Malware Campaign Targets Global Firms

    For over a year, the North Korean group PurpleBravo has been running a targeted malware campaign called “Contagious Interview,” using...
    Sandro Sana - 22 January 2026
    KONNI Malware Targets Crypto Developers with AI-Powered Attacks Cyber News

    KONNI Malware Targets Crypto Developers with AI-Powered Attacks

    Check Point Research recently discovered a sophisticated phishing campaign orchestrated by KONNI , a threat group linked to North Korea...
    Stefano Gazzella - 22 January 2026
    « Precedente   Successivo »

    Elon Musk Sues OpenAI for $134 Billion Over AI Betrayal

    Elon Musk has filed a staggering $134 billion in damages in a malicious lawsuit against OpenAI and Microsoft. According to Bloomberg , the latest lawsuit accuses OpenAI of betraying its...

    - January 19th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Net-NTLMv1 Exploitation: Rainbow Tables for Modern Attacks

    Mandiant has released a large set of rainbow tables dedicated to Net-NTLMv1 with the aim of concretely demonstrating how insecure this authentication protocol has become. Although Net-NTLMv1 has been deprecated...

    - January 18th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Critical Vulnerability in Modular DS WordPress Plugin – Update Now

    A high-severity security vulnerability has been identified in the WordPress plugin "Modular DS (Modular Connector)," and numerous security reports suggest that this vulnerability is being exploited in real-world attacks. The...

    - January 18th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Your paycheck is zero! Congratulations, someone answered the phone wrong

    No worker would accept their paycheck disappearing without explanation. It was precisely from a series of internal reports of this nature that an organization began investigating an apparently administrative anomaly,...

    - January 18th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Two Ukrainians Suspected in Black Basta Ransomware Attacks

    When it comes to cybersecurity, it's not uncommon to come across news stories that seem straight out of a science fiction movie. Yet, the reality is even more surprising and...

    - January 17th, 2026

    Share on Facebook Share on LinkedIn Share on X

    From Zero-Day Exploits to Hidden Tunnels: How UAT-8837 Operates

    Since early 2025, Cisco Talos specialists have detected the activity of the UAT-8837 group, which they attribute to China based on techniques and infrastructure similar to other well-known operators in...

    - January 17th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Gootloader Malware Returns with Enhanced Evasion Techniques

    After a long period of silence, the Gootloader downloader malware has returned to the forefront. Last November, the Huntress team detected a new campaign signaling the return of a developer...

    - January 17th, 2026

    Share on Facebook Share on LinkedIn Share on X

    US Considers Ramping Up Cyber Offensive Ops to Counter China Threats

    U.S. authorities are actively discussing the need to strengthen offensive cyber activities in the face of ongoing attacks on the country's critical infrastructure . During a hearing of the House...

    - January 17th, 2026

    Share on Facebook Share on LinkedIn Share on X

    French Police Cyberattack Exposed: Weak Passwords Led to Data Breach

    During a hearing in the French Senate, Interior Minister Laurent Nuñez detailed the details of the cyberattack that hit his ministry, immediately clarifying that some of the information remains covered...

    - January 17th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Cisco Zero-Day Vulnerability Exploited: Secure Email Gateway Under Attack

    Cisco has confirmed that a critical zero-day security flaw, allowing remote code execution, is currently being actively exploited in its Secure Email Gateway and Secure Email and Web Manager devices....

    - January 16th, 2026

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

    Featured Articles

    Immagine del sitoCyber News
    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Redazione RHC - 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been exploited in cyberattacks. The issue, identified as…

    Immagine del sitoCyber News
    ServiceNow Under Attack: How an Email Can Open the Doors to Your Business
    Redazione RHC - 27/01/2026

    The recent discovery of a vulnerability in ServiceNow’s AI platform has shaken the cybersecurity industry. This flaw, characterized by an extremely high severity score, allowed unauthenticated attackers to impersonate any corporate user. To launch the…

    Immagine del sitoCybercrime
    149 Million Accounts Exposed: The Database No One Should Have Seen
    Massimiliano Brolli - 26/01/2026

    A recent leak revealed 149 million logins and passwords exposed online , including accounts for financial services, social media, gaming, and dating sites. The discovery was made by researcher Jeremiah Fowler and shared with ExpressVPN.…

    Immagine del sitoCybercrime
    When Malware Hides in Videos! The PixelCode Technique Breaks the Rules
    Marcello Filacchioni - 26/01/2026

    PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos . Instead of leaving a plaintext executable, the file is converted into pixel data, transforming each byte…

    Immagine del sitoCyber News
    How a simple Visual Studio Code file can become a backdoor for state-run hackers
    Redazione RHC - 26/01/2026

    Security researchers have recently observed a worrying evolution in the offensive tactics attributed to North Korean-linked actors as part of the campaign known as Contagious Interview : no longer simple fake job interview scams, but…