Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

Cloudflare Just Broke the Internet… Again. Centralization Risks Exposed

Cloudflare is back in the spotlight after a new wave of outages that, on December 5, 2025, is affecting several components of the platform. In addition to the Dashboard and API issues already reported by users around the world, the company confirmed that it is also working on a significant increase in errors related to Cloudflare Workers, the serverless service used by thousands of developers to automate critical functions of their applications. Another piece that adds to a mosaic of significant critical issues. As numerous cybersecurity experts have been pointing out for years, entrusting the web’s core infrastructure to a handful

Chinese Cyber Spies Use Brickstorm Malware to Infiltrate Critical Networks

Chinese cyber spies have been lurking in the networks of critical organizations for years, infecting infrastructure with sophisticated malware and stealing data, government agencies and private experts warn. According to a joint advisory from CISA, the NSA, and the Canadian Cyber Security Centre, at least eight government agencies and IT companies have fallen victim to the Brickstorm backdoor, which operates on Linux, VMware, and Windows environments. The statement from CISA spokesperson Nick Andersen also underscores the scale of the problem: he says the actual number of victims is likely higher and that Brickstorm itself is an “extremely advanced” platform that allows

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on configuration files during software deployment on Windows systems, allowing non-administrative users to access the Splunk installation directory and its entire contents. This vulnerability is not a traditional remote code execution vulnerability, but rather expands the attack surface through local security degradation. In the affected versions: Splunk has released a fixed version and users are advised to update immediately: For users who cannot upgrade immediately, you can run the following commands using

Apache HTTP Server Update Fixes Critical Security Vulnerabilities

The Apache Software Foundation has released a significant update for its popular Apache HTTP Server, addressing a total of five separate security vulnerabilities. Administrators are recommended to apply this update as soon as possible to ensure their web infrastructure is protected against the identified vectors. The newly released version 2.4.66 represents a comprehensive fix for issues including both infinite loops during certificate renewal and possible NTLM credential leaks on Windows operating systems. Two of the identified vulnerabilities, rated “moderate,” pose specific risks to shared hosting configurations using suexec and Windows environments, while the remaining three are labeled “low” severity. Among the

Cyber Insurance: Why Basic Hygiene Matters

Cyber insurance has become a topic of discussion on management committees. It’s no longer an add-on, but rather an essential consideration in corporate risk management. Yet many companies rely on a security net that can fail just when they need it most—not because of advanced attacks, but because of fundamental flaws that remain unresolved. The false sense of false protection. Cybersecurity insurance policies are designed to mitigate the financial impact of an incident, but they aren’t a blank check. In practice, many companies receive only partial payments or even have their claims rejected. The reason is usually a failure to meet the

Meta AI WhatsApp Investigation

Nine months after its implementation in Europe, Meta’s conversational artificial intelligence (AI) tool, integrated directly into WhatsApp, will be investigated by the European Commission. Two officials from the Brussels institution told the British newspaper The Financial Times. The news has not yet been officially confirmed, but it could be in the coming days, according to the same sources. Antitrust regulations at play. The government will have to determine whether Meta violated European antitrust regulations by integrating its artificial intelligence into its messaging service. Represented by a blue and purple circle in the app, this feature is described as “an optional

Leroy Merlin Cyberattack Exposes Personal Data of French Customers

A cyberattack has affected Leroy Merlin, involving the personal data of numerous customers in France, impacting hundreds of thousands of individuals. Leroy Merlin assures that “additional security measures have been implemented” with enhanced surveillance. “Data protection is a top priority for the brand,” adds the management, specifying that the CNIL (National Commission for Information Technology and Civil Liberties) has also been informed of the situation. The stolen data primarily includes contact information, such as dates of birth, phone numbers, email addresses, names, addresses, and loyalty program information. This information is enough to support highly credible phishing campaigns, tailored frauds, and social engineering

Anonymity for Sale: Russian SIM Card Market Thrives Amid Regulations

Efforts by legislators and law enforcement to combat money laundering and more complex SIM card verification procedures have not significantly weakened the position of anonymous number dealers. This conclusion emerges from a study of supply in Moscow’s electronics markets. Despite the introduction of new SIM card registration procedures in the Russian Federation, obtaining an anonymous number remains simple, including the option to reinstate it later. To circumvent these requirements, vendors use corporate SIM cards registered with fictitious companies. As Izvestia found out, such a SIM card can be purchased without any particular obstacles. Advertisements for sale are usually found on social media

Hackers Compromise 120k IP Cameras for Pornographic Videos

South Korean police have reported the arrest of four individuals who, presumably independently, compromised over 120,000 IP cameras. According to investigators, at least two of them did so to steal video from places like gynecological practices. They then edited the footage into pornographic videos and sold them online. According to local media, two of the four suspects (whose names have been withheld) were office workers, while the others were listed as unemployed or self-employed. Just two of those arrested were responsible for the majority of the cyberattacks: approximately 63,000 and 70,000 compromised devices, installed in private homes and commercial properties. Adult

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November’s Patch Tuesday, despite the company having previously been slow to address the issue. This information was revealed by 0patch, which indicated that the flaw had been actively exploited by various groups since 2017. The issue, designated CVE-2025-9491, affects Windows’ handling of LNK shortcuts. A user interface error caused part of the command embedded in the shortcut to remain hidden when viewing its properties. This allowed malicious code to run as a harmless file. Experts observed that