Contact
Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Home
Crowdstriker 970×120
    Supply Chain Attack: How Notepad++ Was Compromised via CVE-2025-15556
    Manuel Roccon | Cybercrime | 04/02/2026

    In cybersecurity, we often focus on finding complex bugs in source code, ignoring the fact that end-user trust is built on a much simpler foundation: a download link. The Notepad++ incident, now class...

    Microsoft Office under attack: the bug needs to be patched to prevent Russian espionage.
    Bajram Zeqiri | Cyber News | 03/02/2026

    In recent days, APT28 , a well-known Russian-linked hacker group, has intensified its attacks by exploiting a vulnerability in Microsoft Office. The flaw, classified as CVE-2026-21509, was disclosed b...

    Goodbye to NTLM! Microsoft is moving towards a new era of authentication with Kerberos
    Silvia Felici | Cyber News | 01/02/2026

    For over three decades, it has been a silent pillar of the Windows ecosystem. Now, however, NTLM ‘s time seems definitively over. Microsoft has decided to initiate a profound transition that marks the...

    The world’s first humanoid robot store has opened in China. Will we be ready?
    Carolina Vivianti | innovation | 30/01/2026

    At ten o’clock in the morning, in Wuhan, two 1.3-meter-tall humanoid robots begin moving with precision. They turn, jump, and follow a rhythm. It’s the opening signal for the country’s first 7S humano...

    Douglas Engelbart was born today: the man who saw and invented the digital future.
    Massimiliano Brolli | Culture | 30/01/2026

    Sometimes, when you think about it, you wonder how we take the world around us for granted. Like, we click, scroll, type, and it all seems so natural, as if it’s always been there. But no, there was s...

    WhatsApp gets a makeover: “Paranoia” mode arrives (and no, it’s not for everyone).
    Silvia Felici | Cyber News | 29/01/2026

    WhatsApp has decided to toughen up. Not for everyone, not always, but when needed. The decision comes against a backdrop of a now-familiar climate: increasing cyber attacks, espionage that no longer m...

    Beware of “I am not a robot”: the malware trap that uses Google Calendar.
    Bajram Zeqiri | Cybercrime | 29/01/2026

    A new threat is lurking, exploiting our greatest weakness: habit. How many times, in fact, do you find yourself clicking on verification boxes without thinking twice? Now, it seems that malicious peop...

    A blow to the heart of cybercrime: RAMP taken offline. The “temple” of ransomware falls!
    Bajram Zeqiri | Cybercrime | 28/01/2026

    The RAMP (Russian Anonymous Marketplace) forum, one of the main hubs of the international cybercrime underground, has been officially shut down and seized by US law enforcement . The news emerged afte...

    Digital Autonomy: France Says Goodbye to Teams and Zoom by 2027
    Silvia Felici | Cyberpolitics | 28/01/2026

    This isn’t the first initiative to emerge on this front recently. Indeed, we’ve heard several of them, one after the other. And it’s almost inevitable: technological autonomy and national security are...

    And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
    Pietro Melillo | Cyber News | 27/01/2026

    Once again, Microsoft was forced to quickly fix some flaws. The company has released unscheduled patches for Microsoft Office, addressing a dangerous zero-day vulnerability that has already been explo...

    Precedente Successivo

    Latest news

    AI Alignment: Where Does AI Learn Right and Wrong? Culture

    AI Alignment: Where Does AI Learn Right and Wrong?

    The other day on LinkedIn, I found myself having a conversation with someone who was seriously interested in the topic...
    Sergio Corpettini - October 14, 2025
    Microsoft Patch Tuesday: 175 vulnerabilities fixed and two zero-days exploited Cyber News

    Microsoft Patch Tuesday: 175 vulnerabilities fixed and two zero-days exploited

    In its latest update, the tech giant fixed 175 vulnerabilities affecting its core products and underlying systems, including two actively...
    Agostino Pellegrino - October 14, 2025
    Microsoft warns about uncontrolled use of ‘shadow’ AI in the workplace Cyber News

    Microsoft warns about uncontrolled use of ‘shadow’ AI in the workplace

    While Microsoft actively promotes its Copilot tools for businesses, the company also warns of the dangers of uncontrolled use of...
    Luca Vinciguerra - October 14, 2025
    A PNG containing a Trojan. Astaroth persistently abuses GitHub. Vulnerability

    A PNG containing a Trojan. Astaroth persistently abuses GitHub.

    McAfee researchers have reported new activity by the Astaroth banking trojan , which has started using GitHub as a persistent...
    Agostino Pellegrino - October 14, 2025
    Internet Explorer is “dead,” but it continues to infect PCs with its bugs via Edge Cybercrime

    Internet Explorer is “dead,” but it continues to infect PCs with its bugs via Edge

    While Internet Explorer has officially been out of support since June 2022, Microsoft recently faced a threat that exploited Internet...
    Luca Galuppi - October 14, 2025
    Nanochat: Create your own LLM, train it, and get it running on your PC for $100 Cyber News

    Nanochat: Create your own LLM, train it, and get it running on your PC for $100

    Developer Andrej Karpathy has unveiled nanochat , a minimalist, fully open-source version of ChatGPT that can be trained and run...
    Redazione RHC - October 14, 2025
    « Previous   Next »

    Digital Decay: When the Promised Future Becomes a Cage

    For decades, we have celebrated digital as the promise of a more connected, efficient, and democratic future. But today, looking around, a subtle and disturbing question arises: What if we...

    - August 6th, 2025

    Share on Facebook Share on LinkedIn Share on X

    With ToolShell, you can access the Internet information Services (IIS) Machine keys.

    In an article published on August 5, 2025, on the ISC SANS blog by Bojan Zdrnja, it is possible to steal "machine keys" from IIS servers. The author explores the...

    - August 6th, 2025

    Share on Facebook Share on LinkedIn Share on X

    SonicWall in the crosshairs: possible 0-day vulnerability, users at risk

    Last Sunday, Red Hot Cyber published an in-depth analysis of the increased malicious activity of the AKIRA ransomware, which appears to exploit an undocumented 0-day vulnerability in SonicWall devices with...

    - August 5th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Critical Bugs on NVIDIA Triton Allow Attackers to Compromise and Steal AI Model

    Critical vulnerabilities have been discovered in NVIDIA's Triton Inference Server, threatening the security of AI infrastructure on Windows and Linux. The open-source solution is designed for large-scale deployment and maintenance...

    - August 5th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Everyone’s talking about GPT-5. No one’s seen it. But the memes are already everywhere.

    GPT-5 hasn't even appeared yet, and internet users have started creating all kinds of memes to complain. Indeed, the rumors about GPT-5 haven't stopped in recent days. First, some internet...

    - August 5th, 2025

    Share on Facebook Share on LinkedIn Share on X

    PoisonSeed: How Phishing Attacks Bypass FIDO with WebAuthn

    The authors of the PoisonSeedphishing campaign have found a way to bypass FIDO (in this case, FIDO2 with WebAuthn) using the cross-device authentication mechanism implemented in WebAuthn. The attackers convince...

    - August 5th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Apple Develops Its Own Artificial Intelligence Engine to Power Siri

    Apple is developing its own AI engine for answering questions, similar to ChatGPT, according to Bloomberg. The project is managed by a new internal team called Answers, Knowledge and Information...

    - August 5th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Proxy Trickster: The Amateur Hackers Group That Wants to Own Servers Worldwide

    Specialists at Solar 4RAYS of Solar Group have discovered a new hacker group, Proxy Trickster, dedicated to cryptocurrency mining and proxyjacking (interception of server control for conversion and sale). Over...

    - August 5th, 2025

    Share on Facebook Share on LinkedIn Share on X

    Companies Go Bankrupt Due to Ransomware! Einhaus Group Shuts Down, Serving as a Warning to Everyone

    We discussed this in an article on the topic some time ago written by Massimiliano Brolli. Today, cybersecurity is no longer an option or an ancillary value: it is a...

    - August 4th, 2025

    Share on Facebook Share on LinkedIn Share on X

    What are Rootkits? Discovering one of the most insidious threats

    Rootkits are one of the most insidious and complex cyber threats in the digital security landscape. The term "rootkit" comes from the combination of two words: "root," which in Unix...

    - August 3rd, 2025

    Share on Facebook Share on LinkedIn Share on X

    Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE