Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!-A working browser built with AI using 3 million lines of code: breakthrough or illusion?-NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop-Undersea Cables: Ignored Warnings and Uncertain Trials. The Truth About Underwater Accidents-CISA Updates Vulnerability Catalog: New Cybersecurity Threats-AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!-A working browser built with AI using 3 million lines of code: breakthrough or illusion?-NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop-Undersea Cables: Ignored Warnings and Uncertain Trials. The Truth About Underwater Accidents-CISA Updates Vulnerability Catalog: New Cybersecurity Threats
Crowdstrike 320×100
HackTheBox 970x120 1

Author: Agostino Pellegrino

Agostino Pellegrino

He is a freelancer, teacher and expert in Computer Forensics, Cyber Security and Ethical Hacking and Network Management. He has collaborated with leading educational institutions internationally and has practiced teaching and mentorship in advanced Offensive Security techniques for NATO obtaining major awards from the U.S. Government. His motto is "Study. Always."

Profilo LinkedIn
Areas of Expertise Incident Response, Malware Analysis, Penetration Testing, Red Teaming

Critical Windows PowerShell Vulnerability CVE-2025-54100: Update Now

- December 12th, 2025

An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute malicious code on affected systems. This security flaw, designated CVE-2025-54100,...
Share on Facebook Share on LinkedIn Share on X

NetSupport RAT Malware Campaign Uncovered: Expert Analysis

- December 11th, 2025

Securonix specialists have discovered a multi-layered malware campaign aimed at secretly installing the NetSupport RAT remote access tool . The attack involves a series of carefully hidden stages, each designed...
Share on Facebook Share on LinkedIn Share on X

Microsoft Outlook RCE Vulnerability: Update Now to Prevent Attacks

- December 11th, 2025

A critical remote code execution (RCE) vulnerability in Outlook has been patched by Microsoft, potentially allowing attackers to run malicious code on vulnerable systems. The vulnerability, tracked under CVE-2025-62562, stems...
Share on Facebook Share on LinkedIn Share on X

EtherRAT Malware Exploits React2Shell Vulnerability with Ethereum C2

- December 11th, 2025

Just two days after the critical React2Shell vulnerability was discovered, Sysdig researchers discovered a new malware, EtherRAT, in a compromised Next.js application. The malware uses Ethereum smart contracts for communication...
Share on Facebook Share on LinkedIn Share on X

Ivanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE

- December 10th, 2025

Ivanti has released an urgent update for its Endpoint Manager (EPM) platform, addressing a set of significant vulnerabilities that could allow attackers to execute code of their choosing or hijack...
Share on Facebook Share on LinkedIn Share on X

Windows Cloud Files Mini Filter Vulnerability Under Active Exploitation

- December 10th, 2025

A zero-day vulnerability in the Windows Cloud Files Mini Filter driver (cldflt.sys) is currently being actively exploited. Microsoft has released urgent security updates to address this vulnerability. The vulnerability is...
Share on Facebook Share on LinkedIn Share on X

SAP Security Update Fixes Critical Code Injection Vulnerability in Solution Manager

- December 9th, 2025

SAP has just released its latest annual security update, which contains 14 new security bug fixes. Among them is a A critical “code injection” flaw in SAP Solution Manager poses...
Share on Facebook Share on LinkedIn Share on X

Intellexa Exploits Zero-Day Vulnerabilities with Spyware

- December 8th, 2025

Despite significant geopolitical challenges, the mercenary spyware industry remains a resilient and persistent threat; in this context, the well-known vendor Intellexa continues to expand its arsenal. A recent report from...
Share on Facebook Share on LinkedIn Share on X

React2Shell Vulnerability Exploited by China-Linked Hackers, Patch Now

- December 6th, 2025

We often discuss on this site that the window between the publication of an exploit and the launch of active attacks is drastically shrinking. For this reason, it's increasingly crucial...
Share on Facebook Share on LinkedIn Share on X

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182

- December 5th, 2025

In 2025, the IT and security communities are buzzing with excitement over a single name: " React2Shell ." With the disclosure of a new vulnerability, CVE-2025-55182, classified as CVSS 10.0,...
Share on Facebook Share on LinkedIn Share on X
Category