Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime

Microsoft Windows LNK Vulnerability Exploited by Hackers

Experts have discovered that in the summer of 2025, Microsoft patched a dangerous vulnerability in Windows that had been actively exploited by at least 11 hacker groups, including North Korean APTs and large groups like Evil Corp. This is CVE-2025-949, which allowed attackers to hide malicious commands within LNK files and execute malware undetected on a compromised device. The root of the problem lies in the way Windows handles LNK links. Attackers padded the Target field in the LNK file with spaces to hide malicious command line arguments. The file properties only show the first 260 characters of the Target field,

Apache Tika Vulnerability CVE-2025-66516: Critical XXE Attack Risk

A critical vulnerability has been published in Apache Tika that could allow an XML external entity injection attack, known as XXE. The vulnerability, classified as CVE-2025-66516, has a CVE severity rating of 10.0, indicating maximum severity. CVE-2025-66516 is believed to be identical to CVE-2025-54988 (CVSS score: 8.4), another XXE flaw in the content detection and analysis framework, which was fixed by the project maintainers in August 2025. The new CVE, the Apache Tika team said, broadens the scope of affected packages in two ways. The critical flaw exists in the Apache Tika modules, specifically tika-core (versions 1.13 to 3.2.1), tika-pdf-module (versions

China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

A spokesperson for the Chinese Embassy in Canada responded to a reporter’s question about the outcry in Canada over so-called “Chinese cyber attacks.” A reporter asked: Recently, the Canadian Cyber Security Centre, along with the U.S. Cybersecurity and Infrastructure Security Agency and the National Security Agency, jointly released an analysis report stating that Chinese government-backed cyber threat actors used the Brickstorm malware to infiltrate the systems of government agencies, facilities, and IT organizations. What is China’s comment? As we all know, the United States is the true “hacker empire,” the master of cyber attacks and the greatest threat to global cybersecurity.

AI Browser Attack: Google Drive Wiper Threat Exposed

Researchers at Striker STAR Labs have described a new agent-based browser attack that can turn a regular email into a near-complete wiper of your Google Drive inbox. The attack targets Comet, an AI-powered browser from Perplexity that can automatically manage a user’s email and cloud. The technique, called Google Drive Wiper, is a “zero-click” attack: the user doesn’t have to click on a malicious link or open an attachment. It works by connecting the browser to Gmail and Google Drive via OAuth. The user grants the agent one-time permission to read emails, view files, and perform actions on them

NATO Cyber Coalition Exercise: Enhancing Cyber Defense with 1,300 Experts

NATO held its largest-ever cyber defense exercise, Cyber Coalition, in Estonia, involving approximately 1,300 specialists. The goal was to practice protecting critical infrastructure from large-scale cyber attacks, simulating scenarios involving power plants, refueling terminals, commercial satellites, and military communications networks. Cyber Coalition was conceived from the outset not as a basic cybersecurity exercise, but as a platform for simulating complex, multi-layered incidents. The scenarios are based on the experience of real conflicts in various regions of the world, including attempts to destabilize social conditions, disrupt energy supplies and communications, limit the capabilities of the armed forces, and weaken public

Microsoft 365 Price Hike: What You Need to Know About the 2026 Increase

Starting July 1, 2026, Microsoft 365 and Office 365 subscription prices for business and government customers will increase by 8% to 33%, depending on the plan. This price adjustment will apply to both new contracts and renewals. For example, the Microsoft 365 Business Basic plan will increase from $6 to $7 per month (a 17% increase), while Microsoft 365 E3, one of the most popular plans among large companies, will increase from $23 to $26 (a 13% increase). Government subscriptions are also subject to a similar price increase. Note that these prices do not include Microsoft Copilot, the generative AI service,

React2Shell Vulnerability Exploited by China-Linked Hackers, Patch Now

We often discuss on this site that the window between the publication of an exploit and the launch of active attacks is drastically shrinking. For this reason, it’s increasingly crucial to increase attention to system patching, adopting timely and rigorous update processes to minimize the risk of compromise. Two hacker groups with ties to China began exploiting a critical vulnerability in React Server components just hours after it was publicly disclosed. The vulnerability, CVE-2025-55182, has a maximum vulnerability rating of 10 and has been nicknamed “React2Shell” by the community. It allows remote code execution without authentication on the vulnerable

FreeBSD 15.0: Discover the Power of This Unix-like Operating System

Behind many of the digital applications and services we take for granted every day lies a silent giant: FreeBSD. Known primarily to insiders, this Unix-like operating system has become the beating heart of some of the most sophisticated networking infrastructures in the world. Its stability, exceptional performance, and flexibility in network optimization make it the preferred choice for mission-critical and high-traffic environments. Yet, few know that FreeBSD is behind the smooth operation of platforms like WhatsApp, some components of Netflix, Sony PlayStation consoles, and even Juniper Networks firewalls and routers. Thanks to its ability to handle large volumes of

Cloudflare Blocks AI Bots: The Future of Internet Economy at Stake

Since July 1st, Cloudflare has blocked 416 billion requests from artificial intelligence bots attempting to extract content from its customers’ websites. According to Matthew Prince, co-founder and CEO of Cloudflare, efforts to protect resources from unwanted crawling are already having a noticeable impact and could transform the traditional internet economy. The impetus for these measures was provided by the Content Independence Day initiative, launched by Cloudflare this summer in collaboration with major publishers and AI companies. Its essence is to block AI crawlers’ access to content by default, unless the model’s developers have entered into a separate paid agreement. Since July 2024,

React2Shell Vulnerability: 8.7M Servers at Risk – CVE-2025-55182

In 2025, the IT and security communities are buzzing with excitement over a single name: “React2Shell.” With the disclosure of a new vulnerability, CVE-2025-55182, classified as CVSS 10.0, developers and security experts around the world are warning of its severity, even using the term “2025 Log4Shell.” This threat affects approximately 8,777,000 servers worldwide, including approximately 87,000 in Italy. This suggests that, with a severity score of 10, this could be one of the most significant threats of the year, and it’s becoming “active.”

The new Log4Shell of 2025

Indeed, it has been confirmed that the Chinese hacker community has already