Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Banner Ancharia Mobile 1
Crowdstriker 970×120

Category: Cybercrime

How Profanity Varies Across Social Media and Cultures

Redazione RHC 15/12/2025

Americans are the most likely to swear on social media, but Australians are more creative in their use of the infamous “f” swear word. This is the conclusion reached by researchers at the University of Eastern Finland after analyzing the behavior of nearly half a million users in the United States, the United Kingdom, and Australia . They found that people swear more among acquaintances than among close friends and rarely swear on smaller social networks. The authors of the study, described in a published paper , analyzed user updates and connections on Twitter from 2006 to 2023, supplementing them with metadata

GhostFrame Phishing Kit: New Stealthy PhaaS Threat Emerges

Redazione RHC 14/12/2025

Barracuda has released details of a new stealthy, evasive phishing-as-a-service (PhaaS) kit that hides malicious content within web page iframes to evade detection and maximize resilience. This is the first time Barracuda has detected a complete phishing framework built around the iframe technique. Threat analysts have been monitoring the new PhaaS since September 2025 and have dubbed it GhostFrame . To date, over a million attacks have been attributed to this kit. Barracuda’s technical analysis shows that GhostFrame’s functionality is deceptively simple, yet highly effective. Unlike most phishing kits, GhostFrame uses a simple, seemingly innocuous HTML file, with all the malicious activity

WhatsApp: all it takes is a phone number to know when you sleep, go out, or come home

Redazione RHC 14/12/2025

A tool has been released that allows for the discreet monitoring of WhatsApp and Signal user activity using just a phone number. The tracking mechanism covers over three billion accounts and allows for the reconstruction of a person’s daily routine with alarming accuracy: the time of return home, periods of active smartphone use, hours of sleep, travel, and prolonged periods of disconnection from the internet. An additional side effect is accelerated battery and mobile data consumption, which goes unnoticed by the device owner. The method is based on the specifications of message delivery protocols in popular messaging apps. The algorithm relies on

Cyber Geopolitics: How Tech Becomes a Global Battleground

Roberto Villani 14/12/2025

Over the past two years, cyber has ceased to be a ” technical ” dimension of the conflict and has become a strategic infrastructure. The consequence is a domino effect: it begins with the US-China competition over semiconductors and AI, passes through the Russia-Ukraine war ( and the Black Sea energy corridors ), and reaches European governance, which is trying to restore order through regulation and compliance while the threat accelerates. This article proposes a mechanism-oriented (not narrative-oriented ) reading of OSINT, with practical indicators useful for those working in cybersecurity, risk, and economic intelligence. US–China: AI chip supply chain a battleground

SOAP Vulnerability in .NET Framework Allows Remote Code Execution

Redazione RHC 14/12/2025

Security researchers have discovered a vulnerability in .NET that could affect several enterprise products and lead to remote code execution. The issue stems from the way Microsoft .NET-based applications handle SOAP messages , and Microsoft, according to researchers, is refusing to fix the issue , shifting the blame onto developers and users. Piotr Bazydło of watchTowr reported the discovery at the Black Hat Europe conference. He said that several commercial and internal solutions are vulnerable to remote code execution (RCE) attacks due to errors in the handling of SOAP messages in .NET applications. The key issue was the SoapHttpClientProtocol class. The researcher

CVE-2025-55182 React Server Components Vulnerability Exploited

Redazione RHC 13/12/2025

A recent report from the Google Threat Intelligence Group (GTIG) illustrates the chaotic results of this information dissemination, highlighting how savvy adversaries have already gained a foothold within targeted networks. A critical vulnerability, identified as CVE-2025-55182, was reported to the security community on December 3, 2025, affecting React Server Components (RSC). This security flaw, with a maximum CVSS score of 10.0, allows attackers to execute arbitrary code on a server by sending a single, specially crafted HTTP request, without requiring authentication. The cyber community reacted swiftly. Immediately after the public announcement, numerous threat clusters were widely exploited, as noted by the Google

Top 25 Software Vulnerabilities 2025: MITRE CWE Ranking and Security Tips

Redazione RHC 13/12/2025

MITRE has released its ranking of the 25 most dangerous software vulnerabilities predicted for 2025, based on data collected through the National Vulnerability Database. These vulnerabilities were identified by analyzing 39,080 Common Vulnerabilities and Exposures (CVE) records reported this year to identify the root causes. The rise in cyber threats has heightened the importance of the annual ranking, which, based on real CVE data, allows for more effective identification and reduction of risks within organizations. Attackers can take control of systems, steal sensitive data, or compromise applications due to these pervasive flaws, which are often easily discovered and exploited. Vulnerability CWE CVEs

Kali Linux 2025.4: Discover the Power of Wayland and Enhanced Security Tools

Redazione RHC 12/12/2025

The recent 2025.4 release of Kali Linux has been made available to the public, introducing significant improvements to the GNOME, KDE, and Xfce desktop environments . From now on, Wayland will be the default window management system, representing a significant improvement over previous versions. The latest update builds on the previous 2025.3 release from September and boasts refined desktop experiences, enhanced VM guest support on Wayland, and a range of new offensive security tools. Desktop Environment Updates It’s important to note that GNOME has completely dropped support for X11, prompting Kali to adopt Wayland as its only Windows server. Kali developers describe

French Interior Ministry Hit by Cyberattack, Data Security at Risk

Redazione RHC 12/12/2025

The French Ministry of the Interior’s email servers were targeted by a cyberattack. The hacker managed to access “several files,” but no “serious compromise” has been detected so far. The news, revealed by BFMTV , was confirmed by Interior Minister Laurent Nuñez on RTL radio. ” There was a cyberattack ,” he said. “An attacker managed to access several files .” The nature and number of files involved are not yet known, according to Laurent Nuñez, who specified that he has no ” signs of serious compromise ” at this stage. Standard security procedures have been implemented and security has been strengthened,

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

Redazione RHC 12/12/2025

An alleged database containing sensitive information on 18 million U.S. citizens over 65 has appeared for sale on a popular dark web forum. The advertiser, who uses the pseudonym “Frenshyny,” claims to have stolen the data directly from the government portal irs.gov , which handles, among other things, tax records and 401(k) retirement plan information. Disclaimer: This report includes screenshots and/or text from publicly available sources. The information provided is for threat intelligence and cybersecurity risk awareness purposes only. Red Hot Cyber condemns any unauthorized access, improper dissemination, or misuse of this data. It is currently not possible to independently verify the

Category