Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime

WatchGuard Firewall Zero-Day Vulnerability CVE-2025-14733 Exploited

A critical zero-day vulnerability, identified as CVE-2025-14733, has left network administrators on their knees, forcing them into a race against time to secure their systems. This flaw, with a CVSS score of 9.3 found on WatchGuard firewalls, is truly dangerous: it allows unauthenticated attackers to execute arbitrary code and take control of corporate firewalls. And the fact that threat actors are already attempting to exploit this vulnerability only adds to the alarm. So, let’s take a closer look at what’s happening and how this vulnerability can be exploited by attackers. The iked process, which handles IKEv2 (Internet Key Exchange) negotiations for VPNs,

Google and Apple Embrace Interoperability with Android iOS Data Transfer

Users looking to switch from the iOS ecosystem to Android or vice versa often struggle to easily transfer photos, conversation logs, and archives from previous devices. However, thanks to Google’s technological advances and increasing regulatory pressure from the European Union, the barriers between ecosystems that have existed for years are about to be overcome like never before. Google recently enabled the Pixel 10 series to wirelessly share data with iPhones. This comes after Chinese brands like Vivo and OPPO enabled AirDrop-like file sharing between Android and iPhone using custom solutions. The Mountain View company is now

Ink Dragon Targets Europe: Exploiting SharePoint and IIS Vulnerabilities

This news comes to us from Recorded Future (Insikt Group) News & Research feed: Check Point Research has documented a new wave of activity attributed to the China-linked threat actor Ink Dragon, with a more marked expansion towards European government networks (no longer “just” Southeast Asia and South America). And this is where it gets awkward: when it comes to “government targets in Europe,” Italy isn’t a bizarre exception. It’s a natural target: central and local governments, defense/suppliers, telcos, and all those related industries that thrive on intranets, portals, document management, and “SharePoint, which is internal anyway.” Spoiler alert: it often

Bypassing AI Safety: EchoGram Exposes Vulnerabilities in LLM Defenses

Large language models are typically released with security constraints: separate AIs from the main LLM ensure that malicious suggestions aren’t passed as input and malicious responses aren’t produced as output. But HiddenLayer researchers have shown that these constraints can be circumvented with one or two odd query strings: sometimes, simply adding something like “=coffee” to the end of the prompt is enough. The HiddenLayer team developed a technique called EchoGram. It specifically targets the defensive patterns that precede the main LLM and decide whether or not to allow a request to be executed. Essentially, it’s a way to simplify

E-Note Shutdown: Major Blow to Cybercrime and Ransomware

When we talk about cybercrime, we often think of something far away, something that doesn’t concern us. But the truth is that cyberattacks can happen to anyone and have devastating consequences. Just think of the hackers who have targeted hospitals and critical infrastructure, putting people’s lives at risk. Precisely for this reason, it is important that authorities take drastic measures to stop these criminals. In the United States, Germany, and Finland, law enforcement agencies have joined forces to shut down a cryptocurrency platform used by cybercriminals to launder money. The platform in question was E-Note, a service that, according to the U.S.

French Police Arrest Suspect in Cyberattack on Interior Ministry

French law enforcement has arrested a 22-year-old man suspected of carrying out a recent cyberattack on the Ministry of the Interior. The attack occurred in mid-December and targeted the agency’s internal email servers. The Paris prosecutor’s office said the arrest took place on December 17 as part of an investigation conducted by a specialized IT unit. According to investigators, the defendant gained unauthorized access to an automated personal data processing system, which constitutes a crime committed within the framework of an organized crime. The maximum penalty for such an act in France is up to ten years in prison. The inmate

Rise of AI Degrees: Students Shift from Computer Science to AI

A marked shift in college student preferences is taking place in the United States. More and more young people are choosing degrees in artificial intelligence, abandoning traditional computer science, which is considered less career-secure than in the past. The phenomenon is evident at major universities. At MIT, the three-year program in “Artificial Intelligence and Decision Making,” launched in 2022, has become the university’s second-most popular program in just three years, after Computer Science. By 2025, enrollment is expected to reach approximately 330 students. Other universities are following suit. The University of South Florida launched an Artificial Intelligence and Cybersecurity Institute with over

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

Researchers have discovered a vulnerability, identified as CVE-2025-40602, affecting SonicWall’s SMA1000 series of secure access gateways. This flaw is particularly concerning because it could allow an attacker to escalate their privileges within a system without necessarily being present on it. The issue has been officially classified with a CVSS score of 6.6, but the real danger lies in how attackers could exploit it. In fact, the vulnerability has been described as a “local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 Appliance Management Console (AMC).” This vulnerability could significantly impact the security of organizations using these devices to

HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required

Cybersecurity is a serious issue, especially when it comes to vulnerabilities that can compromise an entire system. Well, Hewlett Packard Enterprise (HPE) has just raised the alarm about a truly worrying security flaw in its flagship software, OneView. This vulnerability, identified as CVE-2025-37164, has a maximum CVSS score of 10.0, meaning it’s a very critical bug. In short, failing to update your systems puts you at significant risk, and updating is recommended before cybercriminals can gain access to your systems and cause cybersecurity incidents. OneView is the brains of data centers, managing servers, storage, and networking, and is the automation engine

CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert including three new vulnerabilities in its catalog of exploited cyber threats (KEVs), highlighting that these flaws are currently being actively exploited by hackers. Among these is CVE-2025-20393, a critical zero-day vulnerability affecting Cisco Secure Email Gateway (SEG) and Web Manager (SEWM) devices, with a CVSS score of 10/10. This vulnerability, rated “maximum severity,” allows unauthenticated attackers to bypass all defenses and execute commands of their choosing with root privileges. The source of the issue lies in an incorrect input validation procedure in the Spam Quarantine feature, which is exposed to