Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Home
AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!-A working browser built with AI using 3 million lines of code: breakthrough or illusion?-NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop-Undersea Cables: Ignored Warnings and Uncertain Trials. The Truth About Underwater Accidents-CISA Updates Vulnerability Catalog: New Cybersecurity Threats-AGI: Google and Anthropic CEOs sound the alarm at Davos – the world won’t be ready!-A working browser built with AI using 3 million lines of code: breakthrough or illusion?-NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop-Undersea Cables: Ignored Warnings and Uncertain Trials. The Truth About Underwater Accidents-CISA Updates Vulnerability Catalog: New Cybersecurity Threats
Banner Ancharia Mobile 1
HackTheBox 970x120 1

Author: Agostino Pellegrino

Agostino Pellegrino

He is a freelancer, teacher and expert in Computer Forensics, Cyber Security and Ethical Hacking and Network Management. He has collaborated with leading educational institutions internationally and has practiced teaching and mentorship in advanced Offensive Security techniques for NATO obtaining major awards from the U.S. Government. His motto is "Study. Always."

Profilo LinkedIn
Areas of Expertise Incident Response, Malware Analysis, Penetration Testing, Red Teaming

WSUS security update has broken hotpatches on Windows Server 2025

- November 3rd, 2025

A breakthrough patch fixed a security flaw in the Windows Server Update Service (WSUS), but apparently caused hotpatching to stop working on certain Windows Server 2025 servers. Microsoft Hotpatch is...
Share on Facebook Share on LinkedIn Share on X

Hikvision Exploiter: The open-source tool for attacking IP cameras

- October 31st, 2025

A new open-source tool, known as HikvisionExploiter, was recently updated. This tool is designed to automate cyberattacks against vulnerable Hikvision IP cameras . Designed to facilitate penetration testing operations, this...
Share on Facebook Share on LinkedIn Share on X

Malware alert: Critical WordPress plugin vulnerabilities actively exploited

- October 29th, 2025

Wordfence is raising the alarm about a large-scale malware campaign in which attackers are exploiting critical vulnerabilities in the popular WordPress plugins GutenKit and Hunk Companion . The company blocked...
Share on Facebook Share on LinkedIn Share on X

Apache Tomcat Vulnerability: Update Now to Avoid Security Risks

- October 28th, 2025

Many web applications rely on Apache Tomcat, a widely used open-source Java servlet container. On October 27, 2025, Apache disclosed two vulnerabilities: CVE-2025-55752 and CVE-2025-55754, affecting several versions of Tomcat....
Share on Facebook Share on LinkedIn Share on X

Criminal Hackers Breach US Nuclear Weapons Production Facilities

- October 27th, 2025

Government hackers breached a nuclear weapons component manufacturing facility in the United States by exploiting vulnerabilities in Microsoft SharePoint. The incident affected the Kansas City National Security Campus (KCNSC) ,...
Share on Facebook Share on LinkedIn Share on X

Critical RCE exploit in Microsoft WSUS actively exploited. CISA warns: imminent risk

- October 25th, 2025

A global alert has been issued by the United States Cybersecurity and Infrastructure Security Agency (CISA) regarding the active exploitation of a critical remote code execution (RCE) flaw in Microsoft’s...
Share on Facebook Share on LinkedIn Share on X

$792,750 in one day! 56 zerodays detected at Pwn2Own Ireland 2025

- October 24th, 2025

On the second day of the Pwn2Own Ireland 2025 competition, participants achieved impressive success, discovering 56 new zero-day vulnerabilities and earning a total of $792,750. This is the second phase...
Share on Facebook Share on LinkedIn Share on X

Online PoC for 7-Zip flaws: Exploit allows arbitrary code execution

- October 18th, 2025

A proof-of-concept exploit has been developed for two critical vulnerabilities in the popular 7-Zip archiving software. These vulnerabilities could be exploited by attackers to remotely execute arbitrary code by sending...
Share on Facebook Share on LinkedIn Share on X

Apache ActiveMQ NMS AMQP Vulnerability in 9.8: Urgent Update Required

- October 17th, 2025

An untrusted data deserialization vulnerability has been identified in the Apache ActiveMQ NMS AMQP client, exposing systems to potential attacks from malicious servers. The flaw, tracked as CVE-2025-54539, has a...
Share on Facebook Share on LinkedIn Share on X

F5 Suffers Security Breach: Source Code and Sensitive Data Stolen

- October 16th, 2025

A serious security incident has been reported by F5, a leading provider of application security and delivery solutions. A complex nation-state threat actor had gained long-term access to internal systems,...
Share on Facebook Share on LinkedIn Share on X
Category