Red Hot Cyber. The Cybersecurity Blog
Red Hot Cyber Conference 2026: Sponsorships Open for the Fifth Edition in Rome
The Red Hot Cyber Conference has become a regular event for the Red Hot Cyber community and for anyone working in or interested in the world of digital technologies and cybersecurity. The fifth editio...
Hexstrike AI unleashes chaos! Zero-days exploited in record time
The release of Hexstrike-AI marks a turning point in the cybersecurity landscape. The framework, billed as a next-generation tool for red teams and researchers, is capable of orchestrating over 150 sp...
LockBit 5.0: Signs of a New and Possible “Rebirth”?
LockBit represents one of the longest-running and most structured ransomware gangs of recent years, with a Ransomware-as-a-Service (RaaS) model that has profoundly impacted the criminal ecosystem. Fol...
The KING of DDoS! Cloudflare blocks a monstrous 11.5 terabit-per-second attack.
The record for the largest DDoS attack ever recorded in June 2025 has already been broken. Cloudflare said it recently blocked the largest DDoS attack in history, which peaked at 11.5 Tbps. “Cloudflar...
Palo Alto Networks Also Compromised via Salesforce and Drift
In early September 2025, Palo Alto Networks confirmed it had been the victim of a data breach. The compromise did not affect its core products or services, but rather some internally used Salesforce i...
Was there terror on Ursula von der Leyen’s flight? Let’s clear things up!
On August 31, 2025, flight AAB53G, operated by a Dassault Falcon 900LX registered OO-GPE and carrying European Commission President Ursula von der Leyen, took off from Warsaw and landed safely at Plov...
Zscaler Data Breach: Lessons Learned About the Evolution of SaaS Threats
Zscaler’s recent confirmation of a data breach resulting from a supply chain attack provides a case study in the evolution of threats against complex SaaS ecosystems. The attack, attributed to the APT...
Critical Linux Vulnerability: CVSS 8.5 Vulnerability Discovered in UDisks Daemon
A critical security flaw in the Linux UDisks daemon was recently discovered, allowing potential unprivileged attackers to access files belonging to highly privileged users. The vulnerability, classifi...
Let the hunt begin! Hackers exploit Citrix flaw to infiltrate global systems
A critical zero-day flaw, classified as CVE-2025-6543, has been discovered in Citrix NetScaler systems. This vulnerability has been actively exploited by malicious hackers since May 2025, several mont...
Phishing on Teams: at least the hacker responds faster than the real help desk!
In recent months, as previously reported on Red Hot Cyber, a new front has emerged in the corporate phishing landscape: Microsoft Teams attacks in which attackers impersonate IT or help desk personnel...
Featured Articles

The Red Hot Cyber Conference has become a regular event for the Red Hot Cyber community and for anyone working in or interested in the world of digital technologies and cybersecurity. The fifth editio...

The release of Hexstrike-AI marks a turning point in the cybersecurity landscape. The framework, billed as a next-generation tool for red teams and researchers, is capable of orchestrating over 150 sp...

LockBit represents one of the longest-running and most structured ransomware gangs of recent years, with a Ransomware-as-a-Service (RaaS) model that has profoundly impacted the criminal ecosystem. Fol...

The record for the largest DDoS attack ever recorded in June 2025 has already been broken. Cloudflare said it recently blocked the largest DDoS attack in history, which peaked at 11.5 Tbps. “Cloudfl...

In early September 2025, Palo Alto Networks confirmed it had been the victim of a data breach. The compromise did not affect its core products or services, but rather some internally used Salesforce i...
Transparency and Resilience: NIST Publishes Meta-Framework to Change Supply Chain Management
LilyGO T-Embed CC1101 and Bruce Firmware, the community makes studying Rolling Code possible
New AI-powered stethoscope now delivers cardiac diagnoses in 15 seconds
WhatsApp wins $167 million lawsuit against NSO and its Pegasus spyware
IBM and AMD Create New Architectures Between Quantum Computing and High-Performance Computing (HPC)
DarkMirror H1 2025 Released: Dark Lab’s Ransomware Threat Report

Zscaler Data Breach: Lessons Learned About the Evolution of SaaS Threats
Ada Spinelli - September 2nd, 2025
Zscaler's recent confirmation of a data breach resulting from a supply chain attack provides a case study in the evolution of threats against complex SaaS ecosystems. The attack, attributed to...

Zscaler Suffers Data Breach: Supply Chain Attack Via Salesloft Drift
Redazione RHC - September 2nd, 2025
A large-scale cyberattack has targeted security firm Zscaler, which has officially confirmed it was the victim of a supply chain breach. This attack exposed customer contact data due to compromised...

The new cybersecurity battlefield? Your brain!
Daniela Farina - September 2nd, 2025
Welcome to the first installment of our series, a three-week journey exploring the extraordinary dance between coevolution, cybersecurity, and the humanities, with a focus on coaching. Each week, we'll tackle...

Wikipedia under the US Congress’s scrutiny: when freedom of expression becomes “under special surveillance”
Sandro Sana - September 2nd, 2025
On August 27, 2025, the Wikimedia Foundation, which operates Wikipedia, received an official letter from the Committee on Oversight and Government Reform of the United States House of Representatives.The letter,...
Sign up for the newsletter