Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
320x100 Itcentric
Banner Desktop

Red Hot Cyber. The Cybersecurity Blog

Previous Next

Ultime news

OSINT Ethics and Legality: Navigating Open Source Intelligence

Open Source Intelligence (OSINT) has emerged in recent years as one of the most fascinating, yet most insidious, disciplines in...
Alexandro Irace - 17 December 2025

The Psychology of Passwords: Why Weak Passwords Persist

The psychology of passwords starts right here: trying to understand people before systems. Welcome to "The Mind Behind Passwords," the...
Simone D'Agostino - 17 December 2025

Russian Cyber Operations Shift to Targeting Western Critical Infrastructure

New details emerge from an Amazon Threat Intelligence report that highlight an alarming shift in Russian government-backed cyber operations. High-level...
Redazione RHC - 17 December 2025

Google Chrome Security Update Fixes Critical Vulnerabilities

A significant security update has been released by Google for the stable desktop channel, which addresses two very serious vulnerabilities...
Redazione RHC - 17 December 2025

Spiderman Phishing Kit Targets European Banks and Crypto Users

Varonis researchers have discovered a new PhaaS platform, called Spiderman, that targets users of European banks and cryptocurrency services. Attackers...
Redazione RHC - 17 December 2025

AI Smart Glasses for Police: Efficient Vehicle Checks in China

The Changsha traffic police have begun using AI-powered smart glasses in their daily patrols. This was confirmed by the city's...
Redazione RHC - 17 December 2025

The Future of Work: 4-Day Week with AI and Tech Advances

The prospect of a four-day workweek, with a resulting three-day long weekend, may not be far off. This is according to Christopher A. Pissarides , a British-Cypriot economist and Nobel...
Share on Facebook Share on LinkedIn Share on X

ARTEMIS Leads in AI-Powered Pentesting, Outperforming Human Experts

Stanford researchers and their colleagues conducted an unusual experiment: they compared the performance of ten professional specialists and a set of autonomous AI agents in a real-world corporate pentest. The...
Share on Facebook Share on LinkedIn Share on X

Apple Patches Critical WebKit Vulnerabilities in iOS Update

Following the discovery of two critical zero-day vulnerabilities in the WebKit browser engine, Apple has urgently released security updates for iPhone and iPad users. Both vulnerabilities reside in WebKit ,...
Share on Facebook Share on LinkedIn Share on X

Kali Linux 2025.4: Discover the Power of Wayland and Enhanced Security Tools

The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland...
Share on Facebook Share on LinkedIn Share on X

French Interior Ministry Hit by Cyberattack, Data Security at Risk

The French Ministry of the Interior's email servers were targeted by a cyberattack. The hacker managed to access "several files," but no "serious compromise" has been detected so far. The...
Share on Facebook Share on LinkedIn Share on X

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym "Frenshyny,"...
Share on Facebook Share on LinkedIn Share on X

Amnesty International Launches .onion Site for Secure Access to Human Rights Info

Amnesty International has launched its own website, accessible via the .onion domain on the Tor network, offering a new secure channel for accessing the organization's information and research. The initiative,...
Share on Facebook Share on LinkedIn Share on X

NANOREMOTE Trojan Uses Google Drive for Command and Control

A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the threat harder to detect and giving attackers a persistent channel...
Share on Facebook Share on LinkedIn Share on X

Microsoft Azure OAuth Attack: ConsentFix Malware Steals Accounts

A new scheme called " ConsentFix " expands the capabilities of the already known ClickFix social media attack and allows Microsoft accounts to be hijacked without a password or multi-factor...
Share on Facebook Share on LinkedIn Share on X

Linux Foundation Launches Agentic AI Foundation with Key Tech Players

The establishment of the Agentic AI Foundation (AAIF), a dedicated fund under the auspices of the Linux Foundation , was jointly announced by several leading companies in the field of...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sito
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
Redazione RHC - 23/12/2025

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data from server memory without requiring…

Immagine del sito
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Redazione RHC - 22/12/2025

The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks. According to experts, the cybercriminals have added an updated encryption tool to their arsenal ,…

Immagine del sito
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
Redazione RHC - 22/12/2025

According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This refers to scenarios in which, after penetrating a network, attackers use wipers, destructive tools that…

Immagine del sito
MS13-089 Ransomware: Double Extortion Without Encryption
Inva Malaj - 22/12/2025

MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without encryption. A brand built on an old Microsoft ID For years, “MS13-089” identified a 2013…

Immagine del sito
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
Redazione RHC - 22/12/2025

In the past, many users and system administrators have relied on Microsoft’s telephone activation service to manage installations in specific contexts. During the Windows 8 era, MAK ( Multiple Activation Key) licenses were widely available.…