Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
320×100
TM RedHotCyber 970x120 042543

Red Hot Cyber. The Cybersecurity Blog

OpenAI Hiring Chief Security Officer to Mitigate AI Risks
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Previous Next

Ultime news

San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities Cybercrime

San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities

A massive power outage in San Francisco has disrupted self-driving vehicle traffic. Waymo self-driving vehicles have been spotted on city...
Redazione RHC - 22 December 2025
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems Cybercrime

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

In the past, many users and system administrators have relied on Microsoft's telephone activation service to manage installations in specific...
Redazione RHC - 22 December 2025
PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks Cybercrime

PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks

Hackers love to exploit the most innocuous tools to infiltrate their targets' networks, and we all know this. And in...
Redazione RHC - 22 December 2025
OAuth Device Code Phishing: New Attack Vector for Account Takeover Cybercrime

OAuth Device Code Phishing: New Attack Vector for Account Takeover

Cybercriminals are getting smarter and have found a new way to exploit corporate security protocols. It seems incredible, but it's...
Redazione RHC - 22 December 2025
DIG AI: The Dark Web’s New AI Tool for Cybercrime Cybercrime

DIG AI: The Dark Web’s New AI Tool for Cybercrime

A new AI tool has appeared on the dark web and quickly attracted the attention of security experts, and not...
Redazione RHC - 21 December 2025
TikTok Accused of Illegally Tracking Users’ Data Across Apps Cybercrime

TikTok Accused of Illegally Tracking Users’ Data Across Apps

The popular video app TikTok has found itself at the center of a new scandal over violations of European data...
Redazione RHC - 21 December 2025
« Precedente   Successivo »

CyberVolk Ransomware Flawed: Free File Recovery Possible

- December 17th, 2025

This isn't the first time criminal hackers make mistakes, and it won't be the last. The pro-Russian hacktivist group CyberVolk launched the RaaS service VolkLocker (also known as CyberVolk 2.x)....
Share on Facebook Share on LinkedIn Share on X

OSINT Ethics and Legality: Navigating Open Source Intelligence

- December 17th, 2025

Open Source Intelligence (OSINT) has emerged in recent years as one of the most fascinating, yet most insidious, disciplines in the information and security landscape. Its essence is remarkably simple:...
Share on Facebook Share on LinkedIn Share on X

The Psychology of Passwords: Why Weak Passwords Persist

- December 17th, 2025

The psychology of passwords starts right here: trying to understand people before systems. Welcome to "The Mind Behind Passwords," the column that looks at cybersecurity. From a different perspective: that...
Share on Facebook Share on LinkedIn Share on X

Russian Cyber Operations Shift to Targeting Western Critical Infrastructure

- December 17th, 2025

New details emerge from an Amazon Threat Intelligence report that highlight an alarming shift in Russian government-backed cyber operations. High-level 0-day exploits, often attributed to state-sponsored actors, have seen a...
Share on Facebook Share on LinkedIn Share on X

Google Chrome Security Update Fixes Critical Vulnerabilities

- December 17th, 2025

A significant security update has been released by Google for the stable desktop channel, which addresses two very serious vulnerabilities that could expose users to potential memory leak attacks. As...
Share on Facebook Share on LinkedIn Share on X

Spiderman Phishing Kit Targets European Banks and Crypto Users

- December 17th, 2025

Varonis researchers have discovered a new PhaaS platform, called Spiderman, that targets users of European banks and cryptocurrency services. Attackers use the service to create copies of legitimate websites to...
Share on Facebook Share on LinkedIn Share on X

AI Smart Glasses for Police: Efficient Vehicle Checks in China

- December 17th, 2025

The Changsha traffic police have begun using AI-powered smart glasses in their daily patrols. This was confirmed by the city's Public Security Bureau , which has already distributed the new...
Share on Facebook Share on LinkedIn Share on X

Notepad++ 8.8.9 Released: Fixing Critical Update Vulnerability

- December 16th, 2025

A new version, 8.8.9, of the popular text editor Notepad++, has been released by its developers, fixing a flaw in the automatic update system . This issue came to light...
Share on Facebook Share on LinkedIn Share on X

Salt Typhoon Hackers Exposed: Cisco Training Led to Global Telecom Breaches

- December 16th, 2025

A recent study by SentinelLabs sheds new light on the roots of the hacker group known as “Salt Typhoon ,” which carried out one of the most audacious espionage operations...
Share on Facebook Share on LinkedIn Share on X

Critical Red Hat OpenShift GitOps Vulnerability Exposed

- December 16th, 2025

A critical flaw has been discovered in Red Hat OpenShift GitOps, putting Kubernetes clusters at risk by allowing users with reduced permissions to gain full control of them. OpenShift GitOps...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
OpenAI Hiring Chief Security Officer to Mitigate AI Risks
Redazione RHC - 30/12/2025

OpenAI, the developer of ChatGPT, has announced the search for a new Chief Security Officer . The position, with an annual salary of $555,000, will be directly responsible for mitigating risks associated with artificial intelligence…

Immagine del sitoCybercrime
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Redazione RHC - 30/12/2025

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that may have exposed sensitive information related to a production line. The incident was reported by…

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…