Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!-A working browser built with AI using 3 million lines of code: breakthrough or illusion?-NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop-Undersea Cables: Ignored Warnings and Uncertain Trials. The Truth About Underwater Accidents-CISA Updates Vulnerability Catalog: New Cybersecurity Threats-AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!-A working browser built with AI using 3 million lines of code: breakthrough or illusion?-NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop-Undersea Cables: Ignored Warnings and Uncertain Trials. The Truth About Underwater Accidents-CISA Updates Vulnerability Catalog: New Cybersecurity Threats
Banner Ransomfeed 320x100 1
970x20 Itcentric

Author: Agostino Pellegrino

Agostino Pellegrino

He is a freelancer, teacher and expert in Computer Forensics, Cyber Security and Ethical Hacking and Network Management. He has collaborated with leading educational institutions internationally and has practiced teaching and mentorship in advanced Offensive Security techniques for NATO obtaining major awards from the U.S. Government. His motto is "Study. Always."

Profilo LinkedIn
Areas of Expertise Incident Response, Malware Analysis, Penetration Testing, Red Teaming

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

- December 5th, 2025

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on...
Share on Facebook Share on LinkedIn Share on X

Critical React Server Vulnerability: Update Now to Prevent RCE Attacks

- December 4th, 2025

Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unauthenticated code with...
Share on Facebook Share on LinkedIn Share on X

Anthropic Releases Claude Opus 4.5: AI Model for Enhanced Productivity

- November 24th, 2025

Anthropic has released Claude Opus 4.5 , its new flagship model, which the company says is the most powerful version yet and ranks at the top of the class for...
Share on Facebook Share on LinkedIn Share on X

Windows Server Vulnerability Exploited: ShadowPad Malware Deployed

- November 24th, 2025

A recently patched vulnerability in Microsoft’s Windows Server update services has led to a series of attacks using one of the most notorious espionage tools of recent years. The incidents...
Share on Facebook Share on LinkedIn Share on X

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

- November 22nd, 2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...
Share on Facebook Share on LinkedIn Share on X

A bug in ImunifyAV antivirus leads to RCE. 56 million sites at risk.

- November 14th, 2025

A vulnerability has been discovered in the Linux hosting ecosystem : the ImunifyAV malware scanner has been found to be vulnerable to remote code execution (RCE). The issue affects the...
Share on Facebook Share on LinkedIn Share on X

Microsoft fixes 63 vulnerabilities, including an actively exploited zero-day

- November 13th, 2025

On November's Patch Tuesday, Microsoft fixed 63 vulnerabilities , including a critical zero-day vulnerability that had already been exploited in attacks. This time, the fixes affected a wide range of...
Share on Facebook Share on LinkedIn Share on X

QNAP fixes 7 critical NAS bugs discovered at Pwn2Own Ireland 2025

- November 10th, 2025

QNAP has fixed seven critical zero-day vulnerabilities in its Network Attached Storage (NAS) operating systems after a group of researchers successfully exploited them at Pwn2Own Ireland 2025 , held in...
Share on Facebook Share on LinkedIn Share on X

CISA Warns! New Bugs in Gladinet, Control Web Panel, and WordPress Expose Systems

- November 5th, 2025

Two vulnerabilities related to Gladinet and Control Web Panel (CWP) have been added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs), due to...
Share on Facebook Share on LinkedIn Share on X

Chinese hackers target European diplomatic agencies (including Italy)

- November 4th, 2025

The China-linked hacker group UNC6384 ( also known as Mustang Panda ) is conducting a large-scale cyberespionage campaign targeting European diplomatic and government agencies. According to Arctic Wolf and StrikeReady...
Share on Facebook Share on LinkedIn Share on X
Category