Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
LECS 320x100 1
970x20 Itcentric

Category: Cybercrime and Darknet

OpenAI Faces Fierce Competition from Google’s Gemini 3

Redazione RHC 01/12/2025

OpenAI, a company valued at around $500 billion, is facing increasingly fierce technical competition . Google’s latest version of Gemini 3 , in particular, outperforms OpenAI’s GPT-5 in several areas. “The world today is profoundly different from the situation two years ago, when OpenAI was ahead of everyone else,” Thomas Wolf, co-founder and chief scientific officer of the artificial intelligence platform Hugging Face, told the Financial Times . OpenAI CEO Sam Altman himself recently admitted in a leaked memo to staff that the company must prepare for a period of intense competition. Just a year ago, Google’s position seemed less favorable, but

Leonardo’s Michelangelo Dome: AI-Powered Defense Against Hypersonic Threats

Redazione RHC 30/11/2025

Italian defense company Leonardo has unveiled its new Michelangelo Dome system . According to the company, it is designed to counter hypersonic missiles and mass drone attacks . During the technical presentation to the Italian Minister of Defense and Chiefs of Staff, CEO Roberto Cingolani announced plans to begin deployment as early as 2026 and reach full operational capability by 2028. The name says it all, and the resemblance to Israel’s famous Iron Dome is clearly intentional. The Israeli system, operational since 2011, served as a model. But Michelangelo Dome goes much further: it is not conceived as a single weapons system,

Windows 11 Password Issue: Microsoft Warns of Invisible Icon Bug

Redazione RHC 30/11/2025

Microsoft has warned users of a Windows 11 glitch: after the release of updates starting in August 2025 , the password-based sign-in button may disappear from the lock screen. While the feature itself still works, the icon simply becomes invisible. As Microsoft explained in its updated guide, the issue affects devices with multiple sign-in methods enabled: PIN, security key, password, fingerprint, etc. Hovering your mouse over the icon’s previous location displays an invisible hotspot . Clicking it opens the password entry field. There are currently no workarounds other than relying on your intuition. Microsoft has stated that it is working on a

CISA Warns of OpenPLC ScadaBR Vulnerability Exploitation

Redazione RHC 30/11/2025

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its list of exploited vulnerabilities (KEVs), reporting a new vulnerability affecting OpenPLC ScadaBR , due to ongoing active exploitation indications. This security flaw, identified as CVE-2021-26829 with a CVSS score of 5.4, affects Windows and Linux versions of the software due to a cross-site scripting (XSS) vulnerability in the system_settings.shtm page. Just over a month after Forescout reported that a pro-Russian hacktivist group known as TwoNet had targeted its honeypot in September 2025, mistaking it for a water treatment plant, the security flaw was added to the KEV catalog. Affected versions include: “The

The Power of A* Algorithm in Artificial Intelligence and Robotics

Redazione RHC 30/11/2025

Nearly everything artificial intelligence does today is based on a simple but fundamental idea: any problem can be reduced to finding a path from a starting point to a goal. The computer considers several states, evaluates which are closest to the result, and proceeds in sequence until it finds a solution. The most obvious comparison is navigation. When a person plots a route on the London Underground, say from Bond Street to King’s Cross, they mentally consider the options: the Central Line to Oxford Circus, a transfer to the Victoria Line, Warren Street, Euston, and finally the final destination. A computer does

WhatsApp Messages Contain Hidden GPS Data, Expert Warns

Redazione RHC 30/11/2025

According to computer forensics expert Elom Daniel, WhatsApp messages can contain hidden geolocation data even when the user hasn’t intentionally shared their location. He claimed to have received a routine WhatsApp message from a friend on September 3rd and subsequently had his smartphone analyzed during a forensic analysis. During this process, the device revealed the sender’s exact coordinates at the time the message was sent. “Imagine receiving a regular WhatsApp message and then discovering that it secretly contains a person’s exact location, even though they never sent it,” Daniel wrote on social media platform X. He claims that neither he nor the

DeepSeekMath-V2 Revolutionizes Math with AI-Powered Proof Verification

Redazione RHC 30/11/2025

The Chinese company DeepSeek has introduced a new specialized model for solving mathematical problems , DeepSeekMath-V2. This large-scale language model, specifically designed for theorem proving and Olympiad problems, is unique in that it not only produces answers but also verifies the correctness of its own reasoning. DeepSeekMath-V2 essentially answers an age-old question in artificial intelligence: how to ensure that a model has arrived at the correct solution fairly, rather than guessing the outcome or finding a shortcut that is incorrect . Most modern models are trained to arrive at the correct final answer more frequently, for which they are rewarded with a

Shai-Hulud Attack: npm Supply Chain Compromised Again

Redazione RHC 30/11/2025

The npm ecosystem is once again at the center of a large-scale supply chain attack attributed to the Shai-Hulud campaign. This wave has led to the release of hundreds of seemingly legitimate packages , but altered with malicious code, involving libraries used in popular services such as Zapier, ENS Domains, PostHog, and Postman. According to initial analyses, the attackers’ primary goal was to steal developer credentials and tokens used in continuous integration and deployment (CI/CD) processes. The stolen information was then automatically sent to GitHub in encrypted form. To date, over 27,600 records related to this operation have been identified on GitHub.

ChatGPT to Introduce Targeted Ads, Changing Monetization Strategy

Redazione RHC 29/11/2025

Until now, ChatGPT has been ad-free: no banners, no hidden promotions. Even the paid versions worked without pushy offers. But that could change soon. As reported by user X (formerly of Twitter) under the pseudonym Tibor , references to a new advertising feature appeared in the beta version of the Android app ChatGPT (1.2025.329) . The code contained phrases such as “advertising feature”, “bazaar content”, as well as ” search ad” and “search ad carousel”. For now, it looks like ads will only appear in integrated searches, such as when artificial intelligence accesses the internet to answer a query. But over time,

GitLab Security Updates Fix High-Severity Vulnerabilities CVE-2024-9183

Redazione RHC 29/11/2025

GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address several high-severity vulnerabilities . The newly released patches 18.6.1, 18.5.3, and 18.4.5 address security vulnerabilities that could allow attackers to bypass authentication, steal user credentials, or launch denial-of-service (DoS) attacks on compromised servers . GitLab security experts and administrators are encouraged to update their self-hosted instances immediately . GitLab.com has completed the patch rollout to protect users. Title Severity Race condition issue in CI/CD cache impacts GitLab CE/EE High Denial of Service issue in JSON input validation middleware impacts GitLab CE/EE High Authentication bypass issue

Category