Red Hot Cyber. The Cybersecurity Blog
SharePoint and CrowdStrike: Two Faces of the Same Digital Fragility
In recent days, the global digital landscape has been rocked by a cybersecurity bug that affected on-premise Microsoft SharePoint servers, exposing thousands of organizations to cyber attacks. This ev...
ToolShell: Microsoft SharePoint Zero-Day Vulnerability Has Been Under Attack Since Early July
According to cybersecurity experts, several Chinese hacker groups are exploiting a series of zero-day vulnerabilities in Microsoft SharePoint in their attacks. In particular, it emerged that attackers...
Red Hot Cyber Conference 2026. The fifth edition in Rome on Monday, May 18th and Tuesday, May 19th.
The Red Hot Cyber Conference is back! After the great success of the third and fourth editions, the free annual event created by the RHC community is back! An event designed to bring young people clos...
Patriotic Code: From DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin
In February 2025 we had already observed the functioning of DDoSIA, the crowd-hacking system promoted by NoName057(16): a client distributed via Telegram, DDoS attacks against European targets, reward...
Artificial Intelligence: History, Technology, Ethics, Regulations, and the Future
Artificial intelligence (AI) is software that can generate output (i.e., content, predictions, decisions, recommendations) capable of interacting with the environment and according to human objectives...
What are penetration tests, why are they done, who performs them, and the benefits for organizations.
Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order to identify and a...
What is Identity and Access Management (IAM)? Let’s find out how to protect your online identities.
How does a large organization with millions of user credentials circulating between production servers, web applications, mobile apps, and workstations, connecting to countless profiles, keep proper r...
Sophos fixes five vulnerabilities in Sophos Firewall, two of which are rated critical
Sophos recently announced the fixes for five independent security vulnerabilities found in its firewalls, some critical and others high and medium. The vulnerabilities have been fixed via automaticall...
What is Secure Code Development? Discovering an essential practice in cybersecurity.
In the previous article on Patch Management, we started talking about 4 fundamental pillars in the world of Cybersecurity. These four pillars are Patch Management, Hardening, Secure Code Development, ...
Vulnerability in 7-Zip: Attackers can perform denial-of-service attacks
A critical security flaw related to memory corruption has been discovered in the popular 7-Zip archiver. This vulnerability can be exploited by attackers to cause denial-of-service conditions by creat...
Featured Articles

What are zero-day brokers? Discovering the underground market of security vulnerabilities
Zero-day brokers are intermediaries who buy and sell software vulnerabilities that are unknown to the manufacturers and organizations that use them. These vulnerabilities, known as “zero-days,” are exploited by cybercriminals to attack companies’ computer systems and networks. Zero-day brokers seek

Apache Tomcat DoS Vulnerability: CVE-2025-53506 Under Analysis
The Apache team recently fixed a denial-of-service (DoS) vulnerability classified as high severity. There’s a new inconvenient guest in data centers around the world. It’s called CVE-2025-53506 and it doesn’t make noise like ransomware, it doesn’t manifest itself with disturbing

Magnus Carlsen beats ChatGPT at chess without losing a piece!
Magnus Carlsen beat ChatGPT at chess without losing a single piece, while his virtual opponent lost all his pawns. The Norwegian grandmaster posted screenshots of the game on the social network X on July 10. The artificial intelligence admitted defeat

Putin imposes restrictions on foreign software that has “strangled” Russia
The Kremlin press office reported that Russian President Vladimir Putin has instructed the government to develop additional restrictions on software (including “communications services”) produced in hostile countries by September 1, 2025. The list of instructions was drawn up following a meeting

How an LLM Really Works: Costs, Infrastructure, and the Technical Choices Behind Big Language Models
In recent years, large language models (LLM, Large Language Models) such as GPT, Claude, or LLaMA have demonstrated extraordinary capabilities in understanding and generating natural language. However, behind the scenes, running an LLM is no child’s play: it requires significant

What is ICT Risk Management? A process that supports cybersecurity.
Redazione RHC - July 20th, 2025
ICT Risk Management is a process that identifies, assesses, and manages risks related to the use of information and communications technologies (ICT). It is a fundamental aspect for any organization...

How to Start a Cyber Security Program: The First Steps
Redazione RHC - July 20th, 2025
Cybersecurity has become a crucial component for protecting corporate information and sensitive data. Starting a cybersecurity program is not only a necessity, but a must for any organization that wants...

What are Side Channel Attacks? How they work and how to defend data from cyber threat physics.
Redazione RHC - July 20th, 2025
Side Channel Attacks represent a sophisticated category of cyber threats that focus on weaknesses in security systems. These attacks differ from traditional techniques based on brute force or software vulnerabilities,...

What is Phishing as a Service (PaaS). Let’s explore cybercrime services and access some underground resources.
Redazione RHC - July 20th, 2025
"Phishing as a service" (PaaS) is a type of service offered by cybercriminals or illicit service providers that simplifies and automates the entire process of creating and distributing phishing attacks...