Contact
Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Home
Banner Desktop
    Supply Chain Attack: How Notepad++ Was Compromised via CVE-2025-15556
    Manuel Roccon | Cybercrime | 04/02/2026

    In cybersecurity, we often focus on finding complex bugs in source code, ignoring the fact that end-user trust is built on a much simpler foundation: a download link. The Notepad++ incident, now class...

    Microsoft Office under attack: the bug needs to be patched to prevent Russian espionage.
    Bajram Zeqiri | Cyber News | 03/02/2026

    In recent days, APT28 , a well-known Russian-linked hacker group, has intensified its attacks by exploiting a vulnerability in Microsoft Office. The flaw, classified as CVE-2026-21509, was disclosed b...

    Goodbye to NTLM! Microsoft is moving towards a new era of authentication with Kerberos
    Silvia Felici | Cyber News | 01/02/2026

    For over three decades, it has been a silent pillar of the Windows ecosystem. Now, however, NTLM ‘s time seems definitively over. Microsoft has decided to initiate a profound transition that marks the...

    The world’s first humanoid robot store has opened in China. Will we be ready?
    Carolina Vivianti | innovation | 30/01/2026

    At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

    Douglas Engelbart was born today: the man who saw and invented the digital future.
    Massimiliano Brolli | Culture | 30/01/2026

    Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

    WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).
    Silvia Felici | Cyber News | 29/01/2026

    WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

    Beware of “I am not a robot”: the malware trap that uses Google Calendar.
    Bajram Zeqiri | Cybercrime | 29/01/2026

    A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

    A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!
    Bajram Zeqiri | Cybercrime | 28/01/2026

    The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    Precedente Successivo

    Latest news

    Highly advanced, adaptive malware uses AI to confuse security defenses Cyber News

    Highly advanced, adaptive malware uses AI to confuse security defenses

    Based on a recent analysis by the Google Threat Intelligence Group (GTIG), a shift has been identified among threat actors...
    Massimiliano Brolli - November 7, 2025
    An AI extension for VS Code turns your PC into a digital hostage Cybercrime

    An AI extension for VS Code turns your PC into a digital hostage

    Secure Annex researchers found a malicious extension in the Visual Studio Code Marketplace extension catalog for VS Code that features...
    Redazione RHC - November 7, 2025
    The Louvre’s security myth crumbles! Between audits, ridiculous passwords, and outdated cameras. Cyber News

    The Louvre’s security myth crumbles! Between audits, ridiculous passwords, and outdated cameras.

    The recent theft at the Louvre Museum, located in the heart of Paris, has shocked not only the art world...
    Pietro Melillo - November 7, 2025
    Double-dealing: employees of a company that resolved ransomware attacks were launching them themselves Cyber News

    Double-dealing: employees of a company that resolved ransomware attacks were launching them themselves

    Three former DigitalMint employees, who investigated ransomware incidents and negotiated with ransomware groups, are accused of hacking into the networks...
    Redazione RHC - November 7, 2025
    Cybersecurity is democratic: the same virus hits multinationals and housewives Cybercrime

    Cybersecurity is democratic: the same virus hits multinationals and housewives

    The same malware that yesterday blocked the servers of a major bank today encrypts Mrs. Pina's photos on her home...
    Fabrizio Saviano - November 7, 2025
    Microsoft apologizes to 3 million Australian users for unfair business practices Cyber News

    Microsoft apologizes to 3 million Australian users for unfair business practices

    Microsoft has apologised to nearly 3 million Australian users and offered them refunds for subscriptions to its new, more expensive...
    Redazione RHC - November 6, 2025
    « Previous   Next »

    Critical vulnerability in Microsoft Login ID: risk of total takeover

    Microsoft has closed a critical bug that could have severely compromised its cloud environments: Dutch researcher Dirk-Jan Mollema discovered two interconnected flaws in the Entra ID (formerly Azure Active Directory)...

    - September 19th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Qilin Ransomware Strikes Deep into South Korean Finance

    Imagine waking up one morning and discovering that your sensitive financial data—contracts, customer lists, investment strategies—is exposed on a hidden site on the dark web, with a timer threatening to...

    - September 19th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Ready for AI-powered Notepad? Coming soon to Windows 11 with PC Copilot+!

    Windows 11 users with PC Copilot+ will be able to take advantage of advanced artificial intelligence features, now an integral part of the Notepad application, thanks to an update that...

    - September 19th, 2025

    Share on Facebook Share on LinkedIn Share on X

    ShadowLeak Arrives: A 0-Click Bug in ChatGPT Leads to Sensitive Data Exfiltration

    A new threat is beginning to emerge in the IT world: the world of artificial intelligence agents. ShadowLeak is a recently discovered clickless indirect prompt injection (IPI) vulnerability that occurs...

    - September 19th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Generative Artificial Intelligence: Explosive Growth and Security Challenges

    By Umberto Pirovano, Senior Manager Technical Solutions at Palo Alto Networks Generative Artificial Intelligence (GenAI) is redefining the technology and business landscape at an astonishing rate. According to Palo Alto...

    - September 19th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Supply Chain Wormable? NPM Packages with Self-Propagating Malware Arrive

    Security researchers have discovered the compromise of over 180 npm packages, infected with a self-propagating malware designed to infect other packages. The campaign, dubbed Shai-Hulud, likely began with the hack...

    - September 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    The KING of RaidForums remains in limbo. The battle between the US and Portugal over his extradition continues.

    The High Court in London has overturned the decision to extradite Portuguese citizen Diogo Santos Coelho to the United States. The young man, known by the pseudonym Omnipotent, was the...

    - September 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Google Chrome: Urgent patch for exploited 0day. Critical vulnerabilities fixed.

    Google has taken immediate security action for Chrome browser users globally, targeting four critical vulnerabilities, one of which, a zero-day vulnerability, is currently being actively exploited. Users are therefore urged...

    - September 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Phishing with style! Cybercriminals attach superhero GIFs to malware.

    F6 analysts have published a study on a new phishing campaign active from spring 2025. The group, dubbed ComicForm, sent emails containing malicious attachments to Russian, Belarusian, and Kazakh companies...

    - September 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Will this latest article “against” ChatControl be absolutely useless?

    We had already discussed the proposed "ChatControl" regulation almost two years ago, but given the roadmap currently underway, we find ourselves embarrassed to have to discuss it again. It feels...

    - September 18th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE