Contact
Red Hot Cyber
Cybersecurity, Cybercrime News and Vulnerability Analysis
Home
970x120 Olympous

Author: Massimiliano Brolli

Massimiliano Brolli

Responsible for the RED Team of a large Telecommunications company and 4G/5G cyber security labs. He has held managerial positions ranging from ICT Risk Management to software engineering to teaching in university master's programs.

Profilo LinkedIn
Areas of Expertise Bug Hunting, Red Team, Cyber Intelligence & Threat Analysis, Disclosure, Cyber Warfare and Geopolitics, Ethical Hacking

Massimiliano Brolli is a cybersecurity professional with a long-standing career in the IT and cybersecurity fields. He currently holds leadership roles in security, Cyber Threat Intelligence, and 0-day research within a major Italian technology group.

Current Positions

  • Head of Red Team, 0-day Research & Network Penetration Testing at TIM, a large Italian telecommunications company, responsible for offensive security operations, threat intelligence activities, and the discovery of previously undocumented vulnerabilities.

  • Founder of the Red Hot Cyber community, a project launched in 2019 to promote cybersecurity awareness and risk culture, engaging professionals, students, and international communities.

Core Skills

  • Cybersecurity & Cyber Threat Intelligence: leadership of technical teams and advanced research on threats and vulnerabilities.

  • Security Research (0-day): design and execution of research programs focused on identifying vulnerabilities in complex infrastructures.

  • Leadership & Innovation: creation and growth of community-driven initiatives and technical knowledge-sharing projects.

Initiatives & Contributions

  • Red Hot Cyber: a cybersecurity awareness and community project with over 140 active members, including initiatives such as the RHC Conference, an annual industry event.

  • Ongoing dissemination of technical content and digital risk awareness for both professionals and the broader public.

Professional Vision

He strongly believes in knowledge sharing and ethical hacking as key drivers to bring more people closer to cybersecurity and to help prepare the next generation of security professionals.

Massimiliano Brolli is a recognized reference figure within the Italian cybersecurity landscape, combining strong technical expertise with a clear strategic and educational vision.

Risorse web

Numero di articoli trovati: 70

DriverFixer0428: macOS Credential Stealer Linked to North Korea

A thorough static and dynamic analysis has led to the identification of a macOS malware called DriverFixer0428 , classified as a credential stealer and attributed with a medium-high confidence level...

- December 25th, 2025

Share on Facebook Share on LinkedIn Share on X

54 Arrested in $Multi-Million ATM Jackpotting Scheme Linked to Tren de Aragua

A federal grand jury in the District of Nebraska has indicted a total of 54 people accused of participating in a vast criminal operation that used malware to steal millions...

- December 20th, 2025

Share on Facebook Share on LinkedIn Share on X

CyberVolk Ransomware Flawed: Free File Recovery Possible

This isn't the first time criminal hackers make mistakes, and it won't be the last. The pro-Russian hacktivist group CyberVolk launched the RaaS service VolkLocker (also known as CyberVolk 2.x)....

- December 17th, 2025

Share on Facebook Share on LinkedIn Share on X

Notepad++ 8.8.9 Released: Fixing Critical Update Vulnerability

A new version, 8.8.9, of the popular text editor Notepad++, has been released by its developers, fixing a flaw in the automatic update system . This issue came to light...

- December 16th, 2025

Share on Facebook Share on LinkedIn Share on X

VS Code Extensions Infected with Sophisticated Malware via Typosquatting

A sophisticated malware campaign has been detected within the Visual Studio Code (VS Code) marketplace. Researchers at ReversingLabs (RL) have identified 19 malicious extensions that successfully evaded standard detection methods...

- December 15th, 2025

Share on Facebook Share on LinkedIn Share on X

NANOREMOTE Trojan Uses Google Drive for Command and Control

A new multifunctional Windows Trojan called NANOREMOTE uses a cloud file storage service as its command center , making the threat harder to detect and giving attackers a persistent channel...

- December 12th, 2025

Share on Facebook Share on LinkedIn Share on X

Fortinet Vulnerability: Critical FortiOS, FortiWeb, FortiProxy, FortiSwitchManager Update

A critical vulnerability affecting the FortiOS, FortiWeb, FortiProxy , and FortiSwitchManager product lines has been reported by Fortinet via an urgent security advisory. This advisory was issued in connection with...

- December 10th, 2025

Share on Facebook Share on LinkedIn Share on X

CISA Warns: Avoid Personal VPNs for Secure Mobile Communications

In new mobile communications advisories, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stern warning to smartphone owners : avoid using personal VPN services. The document, aimed...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines

A critical vulnerability, identified as "PromptPwnd," affects AI agents that are integrated into the GitLab CI/CD and GitHub Actions pipelines. Through this vulnerability, attackers are able to inject malicious commands...

- December 9th, 2025

Share on Facebook Share on LinkedIn Share on X

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November's Patch Tuesday, despite the company having...

- December 4th, 2025

Share on Facebook Share on LinkedIn Share on X
Banner