Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

Cryptomixer Shut Down: Europol Cracks Down on $1.3B Bitcoin Mixing Service

Law enforcement agencies in Switzerland and Germany have reported the dismantling of Cryptomixer, a major mixing service operating since 2016 that helped criminals launder illicitly obtained funds. According to Europol, the service has processed over €1.3 billion in Bitcoin (about $1.5 billion) in recent years. Operation Olympia took place in Zurich in late November. During the raids, which lasted from November 24 to 28, law enforcement agencies, with the support of Europol and Eurojust, seized three servers containing over 12 terabytes of data, blocked domains on the traditional internet and the Tor network, and confiscated €24 million (approximately $29 million)

ShadyPanda Malware Infects 4.3M Browsers with Chrome Edge Extensions

Researchers at Koi Security described a multi-stage operation called ShadyPanda. Over the course of seven years, attackers released seemingly useful extensions for Chrome and Edge and built up an audience with positive comments and reviews. They then released an update containing malicious code. Researchers estimate that the total number of installations reached a remarkable 4.3 million downloads. The scheme is simple and unpleasant: “legitimate” extensions accumulate ratings, reviews, and trust badges for years, only to receive an update that contains malware, extracts arbitrary JavaScript, and executes it with full access to the browser. The code is obfuscated and becomes

Phishing Attacks Surge in Black Friday Season: Stay Vigilant

This year, too, cybercriminals are taking advantage of seasonal shopping periods to spread phishing websites and fraudulent promotions, aiming to steal personal information and payment details. Gaming platforms remain a prime target throughout the year. In Spain, this trend is also reflected in the latest Cyber Security Report 2024 published by the National Institute for Cyber Security (INCIBE).

Increase in fraud in the last 2 years

According to this report, 2,122 cases related to fraudulent online stores were handled, in which users were redirected to websites imitating legitimate companies to steal personal or banking information. Additionally, the 017 cybersecurity helpline received

Human Washing Machine Launched: Japan’s Science Unveils Unique Device

Japanese company Science has launched a washing machine for humans. The 2.30-meter-long capsule bathes a person in 15 minutes and attracted considerable interest at the recently concluded Osaka Expo. The device is modeled after the human washing machine presented at the 1970 Expo, also held in Osaka. As reported by the Indian news site NDTV, the president of Science is said to have seen this capsule as a child, which apparently left a lasting impression on him. Users lie on a bed inside the capsule and are then covered in foam and a fine mist. During the wash, relaxing music and

Brazilian Systems Targeted in Sophisticated OAST Exploit Campaign

Security researchers have discovered a sophisticated exploit campaign that leverages a private out-of-band application security testing (OAST) service hosted on Google Cloud infrastructure. The campaign primarily targets systems in Brazil and exploits over 200 common vulnerabilities (CVEs).

Attack method

OAST endpoints typically help attackers verify the success of exploits for command execution, server-side request forgery (SSRF), and deserialization. Most attackers use publicly available OAST services such as oast.fun and interact.sh, but the authors of this threat operation operated a private domain called i-sh.detectors-testing.com. VulnCheck’s Canary threat intelligence system detected approximately 1,400 exploit attempts related to this infrastructure between October 12 and

Australian Man Jailed for Evil Twin Wi-Fi Scam Targeting Airline Passengers

An Australian court has convicted a 44-year-old man who stole the personal data of airline passengers and airport visitors over several months. He was sentenced to seven years and four months in prison for creating fake Wi-Fi networks and then using the stolen information. This story began in April 2024, when employees of an Australian airline discovered a suspicious wireless network on board a plane. After contacting the Australian Federal Police (AFP), law enforcement arrested the suspect, then 42 years old. A search of his carry-on luggage uncovered a Pineapple portable Wi-Fi device, a laptop, and a mobile phone. Police

KrakenBite Phishing Service Exposed

The underground cybercrime market continues to evolve rapidly, fueled by specialized groups designing and selling tools for increasingly sophisticated digital scams. Among these, a particularly active player in recent weeks is KrakenBite, known for offering turnkey phishing services to cybercriminals around the world. In a recent announcement on their channels, spotted by Red Hot Cyber’s DarkLab group, the group said they had added five new phishing pages targeting Moroccan banks, bringing the total number of pages available in their “catalogue” to 115.

The Criminal Offer: Phishing Pages for Every Market

The post presents a staggering list of targeted international

ADC Aerospace Hit by Play Ransomware Attack, Data Breach Feared

American aviation and defense components manufacturer ADC Aerospace has found itself in the spotlight due to a possible cyber attack by the Play ransomware group. The company appeared on the group's blog, where the criminal hackers claim to have compromised company data and customer documents.

Disclaimer: This report includes screenshots and/or text from publicly available sources. The information provided is for threat intelligence and cybersecurity risk awareness purposes only. Red Hot Cyber condemns any unauthorized access, improper dissemination, or misuse of this data. It is currently not possible to independently verify the authenticity of the information reported, as the organization involved has not yet released

Calendar Subscriptions: A Hidden Danger in Your Digital Life

Digital calendars have long been a convenient way to keep track of daily activities, but new research from Bitsight shows that this familiar tool can become a real attack channel. Bitsight researchers discovered over 390 abandoned domains associated with iCalendar sync, which received daily requests from approximately 4 million iOS and macOS devices. Anyone who re-registers these domains gains the ability to stealthily add events to users’ calendars, complete with links, files, and any other content. The problem is that third-party calendar subscriptions are typically created with a single click, for holidays, event calendars, discounts, or app reminders. But this

Airbus A320 Recall Due to ELAC System Failure Caused by Solar Flares

Airbus has announced the recall of approximately 6,500 A320 aircraft due to potential failures in the ELAC control system caused by powerful solar flares. The recall followed a sudden loss of altitude during a flight from Cancun, Mexico, to Newark, which resulted in an emergency landing and 15 injuries to passengers. According to Reuters, the decision to recall the aircraft was made following an investigation into the JetBlue A320 crash. The investigation determined that the crash was caused by the ELAC subsystem’s incorrect response to intense solar flares. As a result, the system misinterpreted the movements of the control column.