Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

The Poison of Curiosity and the Antidote of Cyber Hygiene: A Social Engineering Recipe

Curiosity, that old rascal. It’s the kind of thing that’s been making people click links or open attachments in a decidedly reckless manner for a long time. After all, it’s one of those tricks cybercriminals know well and have no qualms about incorporating into phishing campaigns. And it works damn well, especially when the fishing nets are cast on a large number of recipients. After all, as long as a method works, why change it? Of course, over time, it’s all about designing the right bait through social engineering techniques. But what matters is crafting a good bait that attracts attention,

LatentBreak: A New Attack Method for Language Models

A group of scientists has developed a new way to attack large language models: a method called LatentBreak. Unlike previous techniques, it doesn’t use complex hints or unusual characters that are easily detected by defense systems. LatentBreak instead modifies the query at the level of the hidden representations of the model, choosing formulations that seem innocuous but actually trigger a forbidden response. Previously, methods like GCG, GBDA, SAA, and AutoDAN attempted to trick AI with strange or confusing suffixes that distorted the original suggestion. Such attacks increase the so-called perplexity, a measure of how “natural” the text appears to the

Alert: Thousands of Italian websites at risk! 526,000 sites and 6,500 databases for sale on the Darkweb

A new post on the dark web offers full access to thousands of MySQL servers and databases owned by Italian shared hosting providers. In the last few hours, a new thread appeared on an underground forum with the unequivocal title: “Italian hosting service sites – 9 more 40 servers – 526193 site’s backup – 4631 hosting customer – 6546 MySQL db’s”. Disclaimer: This report includes screenshots and/or text from publicly available sources. The information provided is for threat intelligence and cybersecurity risk awareness purposes only. Red Hot Cyber condemns any unauthorized access, improper dissemination, or misuse of this data. It is currently

F5 Suffers Security Breach: Source Code and Sensitive Data Stolen

A serious security incident has been reported by F5, a leading provider of application security and delivery solutions. A complex nation-state threat actor had gained long-term access to internal systems, leading to the exfiltration of sensitive files. The compromised data included source code and information about previously undisclosed vulnerabilities. According to the company’s official statement, the actor downloaded files containing proprietary source code for its flagship BIG-IP software, which manages load balancing and security for millions of enterprise applications worldwide. While F5 has stated that no critical exploits or active attacks against its customers have been identified, the breach highlights vulnerabilities inherent

Software Update Renders Jeep 4xe Vehicles Unusable

A software update released last weekend for Jeep 4xe hybrid models caused a serious malfunction: the vehicles stopped working, leaving owners literally stranded. The problem occurred after a failed over-the-air update to the uConnect system on October 10th. The issue blocked the telematics module, rendering the vehicles unusable. On the evening of October 10, reports of widespread failures began appearing on Jeep owner forums. A customer support representative, who went by the name Kori, warned users to refrain from installing the update and promised that the file had already been discontinued. However, for many drivers, it was too late: they had already

But what kind of Sovereign AI is running on the servers and algorithms of a US company!

This year, OpenAI announced a series of projects with foreign governments to create “sovereign AI” systems. According to the company, some of these agreements are currently being negotiated with U.S. authorities. The goal is to give national leaders greater control over technology that has the potential to transform their economies. In recent months, “sovereign AI” has become a buzzword in Washington and Silicon Valley. Advocates believe it’s crucial that systems developed in democratic countries be actively deployed globally, especially as Chinese models are increasingly being exported. In its July AI Action Plan, the Trump administration framed this idea as follows: the

Rootkit on Cisco Devices: Operation Zero Disk Discovered

A sophisticated attack campaign dubbed “Operation Zero Disk” has recently been detected, where threat actors are actively exploiting a critical vulnerability in the Cisco Simple Network Management Protocol (SNMP) to install Linux rootkits on vulnerable network devices. Beginning in October 2025, the campaign impacted corporate networks, highlighting persistent risks in legacy infrastructure. The primary vulnerability, detailed in Cisco’s security advisory, stems from a buffer overflow in the SNMP authentication framework on Cisco IOS XE software. Trend Micro observed an operation exploiting CVE-2025-20352, which allows remote code execution (RCE) and grants persistent unauthorized access, primarily targeting older Cisco switches that lack modern protections.

Australia targeted by Chinese hackers: New intelligence report revealed

The Australian Signals Directorate (ASD) has issued a new warning about the growing activity of Chinese Communist Party-sponsored hacker groups, accused of conducting digital espionage and data theft operations against Australian institutions. The Cyber Threat Report 2024-2025, released on Tuesday, highlights that over the past year the ASD managed 1,200 cybersecurity incidents, marking an 11% increase over the previous year. APT40: Beijing’s cyber spy The document attributes much of the intrusions to the APT40 group, linked to China’s Ministry of State Security (MSS). The group is believed to be involved in infiltration campaigns aimed at gathering strategic information from

Flirt, eroticism, and the end of censorship! OpenAI will change the rules of ChatGPT.

OpenAI is preparing a major change to ChatGPT’s rules: starting in December, age-verified users will be able to interact with adult content, including erotica. The company’s CEO, Sam Altman, announced the change, emphasizing his commitment to respecting adult users. This change will be part of the age restriction system that OpenAI intends to fully implement by the end of the year. The company had previously announced its intention to allow the development of ChatGPT apps with adult content, subject to all required controls and age verification. It’s now clear that this isn’t just about external developments: the platform itself will begin supporting

Harvard University Hit by Hacking Campaign Using Oracle E-Business Suite

Harvard University has confirmed that it was hit by a recent campaign that exploited a vulnerability in Oracle’s E-Business Suite (EBS). In a statement to Recorded Future News, the university said it was investigating recent hacker reports that data was stolen from the system. Officials confirmed that the incident “impacted a limited number of individuals associated with a small administrative unit.” “Harvard is aware of reports that data associated with the University was obtained due to a zero-day vulnerability in the Oracle E-Business Suite system. This issue has impacted many Oracle E-Business Suite customers and is not unique to Harvard,” a university