Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
LECS 320x100 1
Redhotcyber Banner Sito 970x120px Uscita 101125

Author: Redazione RHC

Microsoft Fixes Old Windows LNK Vulnerability Exploited in Attacks

Redazione RHC 04/12/2025

Microsoft has quietly patched a long-standing Windows vulnerability that has been exploited in real-world attacks for several years. The update was released on November’s Patch Tuesday, despite the company having previously been slow to address the issue. This information was revealed by 0patch , which indicated that the flaw had been actively exploited by various groups since 2017. The issue, designated CVE-2025-9491, affects Windows’ handling of LNK shortcuts. A user interface error caused part of the command embedded in the shortcut to remain hidden when viewing its properties. This allowed malicious code to run as a harmless file . Experts observed that

Critical React Server Vulnerability: Update Now to Prevent RCE Attacks

Redazione RHC 04/12/2025

Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unauthenticated code with a single HTTP request. The exploit is now publicly available , and the issue has received the highest severity rating, 10 out of 10, on CVSS. React is actively used on servers to accelerate JavaScript and content rendering: instead of completely reloading the page with each request, it only redraws the modified parts of the interface. This significantly saves resources and improves application performance. React is estimated to be used by approximately

Critical Vulnerability in King Addons for Elementor Exploited

Redazione RHC 04/12/2025

During the registration process, a critical security flaw (CVE-2025-8489) in the King Addons WordPress Elementor plugin was exploited by attackers, allowing them to gain administrative privileges via a privilege escalation vulnerability. A third-party add-on called King Addons extends the functionality of Elementor , a popular visual web page builder plugin for WordPress sites. Estimated to be used on approximately 10,000 websites, it provides a range of widgets, templates, and additional features. Threat activity began on October 31, just one day after the issue was disclosed. So far, the Wordfence security scanner from Defiant, a company that provides security services for WordPress websites,

Google Discover AI Headlines: Revolutionizing News Feed or Clickbait Nightmare?

Redazione RHC 04/12/2025

Google is testing AI-generated headlines in its Discover feed, replacing original news headlines with original ones. Sean Hollister, editor-in-chief of The Verge, reported this , noting that short and often misleading AI-generated headlines had begun appearing in his smartphone feed instead of newspaper headlines. The experiment involved the Google Discover news feed on Samsung Galaxy and Google Pixel smartphones. Hollister noted that the system attempts to reduce the meaning of a post to a few words, but the results are often skewed. Posts about Baldur’s Gate 3 are receiving headlines accusing players of child exploitation, while articles about the Qi2 standard are

Storm-0900 Phishing Campaign Spreads XWorm Malware

Redazione RHC 04/12/2025

Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group known as Storm-0900 launched a large-scale phishing campaign, targeting users across the United States. The campaign exploited two main social engineering themes : fake parking ticket notifications and fraudulent medical test results. Microsoft Threat Intelligence analysts and security researchers discovered that this campaign led to the spread of XWorm, a widespread modular remote access malware used by many threat actors across the cyber threat landscape. In connection with the Thanksgiving holiday, attackers

Windows 10 Still Running on 1 Billion PCs, Upgrade to Windows 11 Urged

Redazione RHC 04/12/2025

Windows 10 has been officially retired, but it still runs on approximately one billion personal computers worldwide. A significant number of devices are technically ready to upgrade to Windows 11, increasing the risk of cyberattacks and proving that updating the operating system is more difficult than it seems . According to Jeff Clark, vice president and chief operating officer of Dell Technologies, of the approximately 1.5 billion PCs installed, more than 1 billion have not yet been upgraded to Windows 11 or are too old to do so. Approximately 500 million devices meet the requirements for the new version but have not

Secure AI Integration in OT Systems: Key Principles and Best Practices

Redazione RHC 04/12/2025

Since ChatGPT’s public release in November 2022, artificial intelligence (AI) has been integrated into many aspects of human society. For owners and operators of critical infrastructure, AI can be used to increase efficiency and productivity, improve decision-making, reduce costs, and enhance customer experience. Despite its many benefits, integrating AI into operational technology (OT) environments that manage essential public services also introduces significant risks —such as OT process model drift over time or security process circumvention—that owners and operators must carefully manage to ensure the availability and reliability of critical infrastructure. The Australian Signals Directorate, through the Australian Cyber Security Centre, together with

Aisuru Botnet Unleashes 29.7 Tbps DDoS Attack, Cloudflare Mitigates

Redazione RHC 03/12/2025

A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than 1,300 DDoS attacks, one of which set a new record with a peak of 29.7 terabits per second. Since the beginning of the year, Cloudflare has neutralized a total of 2,867 Aisuru attacks , which were characterized by significant intensity, with nearly 45% of them classified as hypervolumetric, meaning attacks with a throughput greater than 1 Tbps, or 1 billion packets per second (Bpps). Cloudflare, a leading internet management and infrastructure company,

Critical Vulnerability in Iskra iHUB Devices Exposed

Redazione RHC 03/12/2025

A serious security vulnerability has been discovered in smart metering infrastructure, which could expose utility networks to remote takeover risks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning of a critical vulnerability in the Iskra iHUB and iHUB Lite devices, which attackers could exploit to bypass authentication entirely. The vulnerability, identified as CVE-2025-13510 , has a base score of 9.1 (critical) in CVSS v3.1 and affects all versions of Iskra iHUB and iHUB Lite devices, typically used as smart metering gateways and data concentrators. The vulnerability stems from a fundamental flaw in the device’s security architecture:

Roblox Down Russia

Redazione RHC 03/12/2025

Today, the Roblox gaming platform went offline in Russia. However, international services that monitor network outages reported no issues during the same period. The main complaints concerned the inability to access the website or use the platform’s web app . According to data from Detector404 and Sboy.rf , the sharp increase in complaints about Roblox’s unavailability began around 11:30 a.m. Moscow time. However, as the Durova’s Code portal points out, international outage monitoring services have not recorded any problems. The resource’s correspondents outside Russia have also confirmed that access to Roblox is functioning normally. In comments about monitoring services, many users directly

Category