Contact
Red Hot Cyber
Cybersecurity, Cybercrime News and Vulnerability Analysis
Home
TM RedHotCyber 970x120 042543

Author: Massimiliano Brolli

Massimiliano Brolli

Responsible for the RED Team of a large Telecommunications company and 4G/5G cyber security labs. He has held managerial positions ranging from ICT Risk Management to software engineering to teaching in university master's programs.

Profilo LinkedIn
Areas of Expertise Bug Hunting, Red Team, Cyber Intelligence & Threat Analysis, Disclosure, Cyber Warfare and Geopolitics, Ethical Hacking

Massimiliano Brolli is a cybersecurity professional with a long-standing career in the IT and cybersecurity fields. He currently holds leadership roles in security, Cyber Threat Intelligence, and 0-day research within a major Italian technology group.

Current Positions

  • Head of Red Team, 0-day Research & Network Penetration Testing at TIM, a large Italian telecommunications company, responsible for offensive security operations, threat intelligence activities, and the discovery of previously undocumented vulnerabilities.

  • Founder of the Red Hot Cyber community, a project launched in 2019 to promote cybersecurity awareness and risk culture, engaging professionals, students, and international communities.

Core Skills

  • Cybersecurity & Cyber Threat Intelligence: leadership of technical teams and advanced research on threats and vulnerabilities.

  • Security Research (0-day): design and execution of research programs focused on identifying vulnerabilities in complex infrastructures.

  • Leadership & Innovation: creation and growth of community-driven initiatives and technical knowledge-sharing projects.

Initiatives & Contributions

  • Red Hot Cyber: a cybersecurity awareness and community project with over 140 active members, including initiatives such as the RHC Conference, an annual industry event.

  • Ongoing dissemination of technical content and digital risk awareness for both professionals and the broader public.

Professional Vision

He strongly believes in knowledge sharing and ethical hacking as key drivers to bring more people closer to cybersecurity and to help prepare the next generation of security professionals.

Massimiliano Brolli is a recognized reference figure within the Italian cybersecurity landscape, combining strong technical expertise with a clear strategic and educational vision.

Risorse web

Numero di articoli trovati: 70

Fezbox Malware: The NPM Package That Steals Cookies with QR Codes

Researchers discovered a malicious package called fezbox in npm that steals victims' cookies. To ensure the malicious activity remains undetected, QR codes are used to download the malware from the...

- September 26th, 2025

Share on Facebook Share on LinkedIn Share on X

First malware with integrated GPT-4 discovered: MalTerminal arrives

SentinelLABS researchers have discovered what they describe as the first known example of malware with integrated LLM functionality , dubbed MalTerminal . The discovery was presented at LABScon 2025 ,...

- September 22nd, 2025

Share on Facebook Share on LinkedIn Share on X

Critical vulnerability in Microsoft Login ID: risk of total takeover

Microsoft has closed a critical bug that could have severely compromised its cloud environments: Dutch researcher Dirk-Jan Mollema discovered two interconnected flaws in the Entra ID (formerly Azure Active Directory)...

- September 19th, 2025

Share on Facebook Share on LinkedIn Share on X

Supply Chain Wormable? NPM Packages with Self-Propagating Malware Arrive

Security researchers have discovered the compromise of over 180 npm packages, infected with a self-propagating malware designed to infect other packages. The campaign, dubbed Shai-Hulud, likely began with the hack...

- September 18th, 2025

Share on Facebook Share on LinkedIn Share on X

Google Chrome: Urgent patch for exploited 0day. Critical vulnerabilities fixed.

Google has taken immediate security action for Chrome browser users globally, targeting four critical vulnerabilities, one of which, a zero-day vulnerability, is currently being actively exploited. Users are therefore urged...

- September 18th, 2025

Share on Facebook Share on LinkedIn Share on X

EvilAI: Malware that uses artificial intelligence to bypass security

A new EvilAI malware campaign tracked by Trend Micro has demonstrated how artificial intelligence is increasingly becoming a tool for cybercriminals. In recent weeks, dozens of infections have been reported...

- September 15th, 2025

Share on Facebook Share on LinkedIn Share on X

Critical BitLocker Vulnerabilities: Microsoft Patches Two Security Holes

Two significant elevation of privilege vulnerabilities affecting Windows BitLocker encryption have been addressed by Microsoft. These flaws, identified as CVE-2025-54911 and CVE-2025-54912, have been classified as high severity. These vulnerabilities...

- September 11th, 2025

Share on Facebook Share on LinkedIn Share on X

QNAP releases security patches for critical vulnerabilities in VioStor NVR systems.

QNAP Systems has released security updates to address several vulnerabilities in the QVR firmware of its VioStor Network Video Recorder (NVR) systems. On August 29, 2025, two serious security vulnerabilities...

- September 1st, 2025

Share on Facebook Share on LinkedIn Share on X

What is Wetware: The Future of Brain Enhancement Through Hardware and Software

By definition, wetware refers to technology that combines hardware and software to enhance biological life forms. Steve M. Potter, an associate professor at the Neuroengineering Laboratory at the University of...

- August 29th, 2025

Share on Facebook Share on LinkedIn Share on X

Critical vulnerability in Docker Desktop: host system compromise

A critical vulnerability in the desktop version of Docker for Windows and macOS allowed a host system to be compromised by running a malicious container, even with Enhanced Container Isolation...

- August 27th, 2025

Share on Facebook Share on LinkedIn Share on X
Banner