Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Banner Ancharia Mobile 1
UtiliaCS 970x120

Author: Redazione RHC

Aisuru Botnet Unleashes 29.7 Tbps DDoS Attack, Cloudflare Mitigates

Redazione RHC 03/12/2025

A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than 1,300 DDoS attacks, one of which set a new record with a peak of 29.7 terabits per second. Since the beginning of the year, Cloudflare has neutralized a total of 2,867 Aisuru attacks , which were characterized by significant intensity, with nearly 45% of them classified as hypervolumetric, meaning attacks with a throughput greater than 1 Tbps, or 1 billion packets per second (Bpps). Cloudflare, a leading internet management and infrastructure company,

Critical Vulnerability in Iskra iHUB Devices Exposed

Redazione RHC 03/12/2025

A serious security vulnerability has been discovered in smart metering infrastructure, which could expose utility networks to remote takeover risks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning of a critical vulnerability in the Iskra iHUB and iHUB Lite devices, which attackers could exploit to bypass authentication entirely. The vulnerability, identified as CVE-2025-13510 , has a base score of 9.1 (critical) in CVSS v3.1 and affects all versions of Iskra iHUB and iHUB Lite devices, typically used as smart metering gateways and data concentrators. The vulnerability stems from a fundamental flaw in the device’s security architecture:

Roblox Down Russia

Redazione RHC 03/12/2025

Today, the Roblox gaming platform went offline in Russia. However, international services that monitor network outages reported no issues during the same period. The main complaints concerned the inability to access the website or use the platform’s web app . According to data from Detector404 and Sboy.rf , the sharp increase in complaints about Roblox’s unavailability began around 11:30 a.m. Moscow time. However, as the Durova’s Code portal points out, international outage monitoring services have not recorded any problems. The resource’s correspondents outside Russia have also confirmed that access to Roblox is functioning normally. In comments about monitoring services, many users directly

Inside Lazarus! The fake candidate who fooled North Korean cyber spies

Redazione RHC 03/12/2025

A joint investigation by BCA LTD, NorthScan, and ANY.RUN has exposed one of North Korea’s most secretive hacking schemes. Under the guise of routine recruitment, the team monitored how operators from the Lazarus Group, a division of Famous Chollima , infiltrated companies around the world as remote IT workers with stolen identities. The operation was initiated by BCA LTD founder Mauro Eldritch , who joined forces with the NorthScan initiative and the interactive malware analysis service ANY.RUN . NorthScan specialists created a fictitious American developer , who was used by Heiner Garcia to communicate with a Lazarus recruiter under the alias Aaron

Kawasaki CORLEO Robot Quadrupede for Human Transport by 2035

Redazione RHC 03/12/2025

Kawasaki Heavy Industries plans to launch a quadruped robot capable of carrying humans in 2035. Kawasaki Heavy Industries announced on December 3 that it has begun production of ” CORLEO ,” a quadruped robot capable of carrying people. It is scheduled for market launch in 2035. The robot will be offered in conjunction with outdoor recreation services, with the company aiming to achieve sales of 300 billion yen by 2040. The company announced the news at a press conference held in Tokyo on the 3rd. President Yasuhiko Hashimoto said, “We hope to combine robotics and motorcycle technology to realize practical applications, creating

Candle Subsea Cable Revolutionizes Asia-Pacific Internet Connectivity

Redazione RHC 03/12/2025

70 million simultaneous 8K videos at 570 Tbps ! This is a staggering amount of transport power in a submarine cable and will change internet access in the Asia-Pacific region. Candle is more than just a submarine cable: it is the backbone of the Asia-Pacific digital economy . With its massive capacity of 570 Tbps , the extreme density of 24 fiber pairs, and the resilient ring route design , it has completely rewritten the rules of site selection, topology, energy, and data center business models. As Tomonori Uematsu, General Manager of NEC Submarine Networks, said, “Candle connects Asia’s isolated cyber islands

Google Chrome 143 Patch Fixes Critical V8 JavaScript Vulnerability

Redazione RHC 03/12/2025

Google has released Chrome 143 for Windows, macOS, and Linux; the release contains an important patch. The new version ( 143.0.7499.40 for Linux and 143.0.7499.40/41 for Windows and macOS) addresses 13 vulnerabilities, including a critical vulnerability in the JavaScript V8 engine, CVE-2025-13630, a type confusion issue. This is CVE-2025-13630, discovered by cybersecurity researcher Shreyas Penkar (@streypaws) and awarded a $11,000 bounty by Google. The bug is a favorite target for exploit writers, as such flaws sometimes allow exploits to escape the browser sandbox and execute third-party code. Therefore, the released patch is one of the most important of the release. In addition

Managing AI Agents: Mitigating Security Risks in Autonomous Systems

Redazione RHC 03/12/2025

The widespread adoption of artificial intelligence in businesses is profoundly transforming operational processes and, at the same time, introducing new security vulnerabilities . Companies are using these systems to increase productivity and strengthen competitiveness, but their increasing autonomy requires a rethinking of control and governance rules. AI-powered assistants no longer perform just support tasks, such as composing emails or writing summaries. In many organizations , they are now able to initiate work orders, analyze technical logs, manage accounts, and automatically respond to anomalies. These functions, typical of the new generation of ” agentive ” agents, allow systems to take direct action in

Mistral AI Unveils Powerful Open Source Models for Advanced AI Applications

Redazione RHC 03/12/2025

French company Mistral AI has unveiled its Mistral 3 line of models, making them fully open source under the Apache 2.0 license . The series includes several compact and dense models with 3, 8, and 14 billion parameters , as well as the flagship Mistral Large 3 model. This is a ” Mixture-of-Experts ” model with 41 billion active parameters and 675 billion shared parameters , which the company calls its most powerful solution to date. Mistral Large 3 was trained from scratch on approximately 3,000 NVIDIA H200 GPUs. After further training, the model achieved the level of the best open-source training

Maha Grass APT Group Unleashes StreamSpy Malware Attacks

Redazione RHC 03/12/2025

The Patchwork cyber espionage group — also known as Hangover or Dropping Elephant and internally tracked by QiAnXin as APT-Q-36 — has been active since 2009 and is believed to be close to South Asia. Over the years, it has targeted government agencies, the military, research institutions, diplomacy, industry, and educational institutions in several Asian countries, conducting large-scale intelligence gathering operations. The QiAnXin Threat Intelligence Center has identified a new Trojan attributed to the Maha Grass organization, which uses a combination of WebSocket and HTTP protocols to communicate with command and control servers. The malware, dubbed StreamSpy , retrieves instructions via a

Category