Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

Critical vulnerabilities are on the rise! Awareness, Patching, and Audits are key.

According to a Kaspersky Lab report, the exploitation of vulnerabilities increased significantly in the second quarter of 2025: almost every subsystem of modern computers was attacked, from UEFI to browser drivers, operating systems, and applications. As before, attackers continue to exploit these vulnerabilities in real-world attacks to gain access to users’ devices and actively combine them with C2 frameworks in complex targeted operations. An analysis of CVE statistics over the past five years shows a steady increase in the total number of registered vulnerabilities. While there were around 2,600 at the beginning of 2024, this figure exceeded 4,000 by January 2025. The

Iran Cyber Army: Spear-phishing attacks against governments around the world (including Italy!)

A recent Cyber Threat Intelligence (CTI) analysis conducted by DREAM has revealed details of a complex spear-phishing campaign that occurred in August 2025. The attack, attributed to an Iran-aligned group known as Homeland Justice, leveraged already compromised infrastructure to reach sensitive targets globally. The peculiarity of this operation lies in the use of a compromised email account belonging to the Omani Ministry of Foreign Affairs, which provided a cover of legitimacy for the malicious communications. The phishing emails contained a malicious attachment, a Microsoft Word document, which represented the first link in the infection chain. This file hid a VBA (Visual Basic

China unveils KylinOS11 with AI integration: the national operating system that will replace Windows

China has unveiled KylinOS11, the largest update to its national operating system, which the government called a major step forward in creating an independent technology ecosystem. The new version runs on the Linux kernel 6.6 and is compatible with AMD and Intel processors, as well as eight Chinese CPUs, many of which use proprietary command architectures. The system also supports seven domestic graphics cards and can work with AMD and Nvidia accelerators. The launch immediately covered the desktop and server versions, adding a built-in AI assistant, model context protocol support, cloud integration, and advanced security features. According to KylinSoft President Chen Zhihua,

The Dawn supercomputer takes the fight against cancer: a new era of research with AI

The project “A basic model for cancer vaccine design” has been shortlisted for an award from the UK government’s prestigious AI Research Resource (AIRR) initiative, led by the Department for Science, Innovation and Technology (DSIT) and UK Research and Innovation (UKRI). The project will receive 10,000 GPU hours on the Dawn Supercomputer, one of the UK’s fastest AI supercomputers. Dr. Lennard Lee, Associate Professor at the Centre for Immuno-Oncology and co-lead of the project, said: “We believe Oxford can lead a new era of discovery in cancer care, making treatments safer, more precise, and more effective through the use of cutting-edge technologies.

China launches compact space debris removal system

Chinese scientists have unveiled a compact space launcher, initially designed to remove dangerous space debris, but which could potentially be used as a weapon. The project was conceived by engineers from Nanjing, Shanghai, and Shenyang, and the results were published in the peer-reviewed journal Acta Aeronautica et Astronautica Sinica. The system is based on the principle of gunpowder ejection, known in China since the 9th century, but reworked for the space age. Unlike conventional weapons, which create flashes, vibrations, and clouds of smoke, the new system operates silently and cleanly: no light, no smoke, and almost no vibration. This was made possible

AI browser extensions? There’s too much uncertainty: the risk still lies in user awareness!

Anthropic has raised the alarm about a new threat related to “smart” browser extensions: websites can embed hidden commands that an AI agent will execute without thinking. Anthropic has released a research version of the Claude extension for Chrome and simultaneously published internal test results: when run in a browser, models are susceptible to command injections in 23.6% of unprotected test cases. This data has sparked a debate about the safety of integrating autonomous AI agents into web browsers. The extension opens a sidebar with constant context of what’s happening in tabs and, on demand, provides access to specific actions, from recording

Little engineers for big robots! Is Italy also focusing on young people?

In Stavropol, Russian Federation, the race for the regional robotics championship for younger students has officially begun. Applications can be submitted starting August 25th, with a window that will remain open until September 28th. The initiative, promoted by the Ministry of Education of the Stavropol Territory and organized by the regional center “Sirius 26,” aims to involve children in primary and secondary schools, from first to eighth grade. The championship will be divided into two phases. The initial selection will take place online, with participants asked to submit a two- to five-minute video demonstrating how their robot works. The final stage will

Phishing on Teams: at least the hacker responds faster than the real help desk!

In recent months, as previously reported on Red Hot Cyber, a new front has emerged in the corporate phishing landscape: Microsoft Teams attacks in which attackers impersonate IT or help desk personnel. Taking advantage of the platform’s basic features, such as external communication allowed by default, attackers engage users with messages, calls, or screen-sharing requests, often intruding into Teams chats without raising suspicion. The effectiveness of these tactics has grown alongside the widespread adoption of Teams as the primary collaborative work tool. The damage can occur when the victim, believing they are helping an internal technician, accesses remote control sharing or tools (such as

It’s a global cyber shock! Beijing’s 007s are infiltrating and compromising the world’s Internet backbones.

The United States and several allied countries have issued a joint warning about a growing cyber offensive conducted by actors sponsored by the People’s Republic of China. According to a new Cybersecurity Advisory released by the FBI, CISA, NSA, and numerous security agencies in Europe and Asia, Beijing’s APT groups are compromising critical networks and infrastructure globally, aiming to fuel a vast espionage system. The operation is not limited to US cyberspace: targeted attacks have also been reported in Canada, Australia, the United Kingdom, Germany, Japan, and other partner countries, with particular attention to the government sector, transportation, telecommunications, and other sectors

Submarine cables are vulnerable! New strategies are needed.

Researchers from Reichman University (Israel) have detailed in an article in the journal Nature Electronics the growing risks and threats posed by natural and man-made factors to undersea communications cables, which form the backbone of the global internet infrastructure and transmit over 95% of international data traffic. Among the examples they cited are a volcanic eruption in 2022 that caused a tsunami and underwater shock waves that severed the fiber-optic link between the Kingdom of Tonga and the Republic of Fiji, plunging the island nation into digital isolation. Over the past year and a half, several new incidents have highlighted the vulnerability