Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime

Malicious VSCode Extensions Steal Crypto Wallets and Browser Sessions

Two malicious extensions that infect developers’ computers with stealer programs have been discovered on Microsoft’s Visual Studio Code marketplace. The malware can take screenshots, steal passwords and cryptocurrency wallets, and even hijack browser sessions. Researchers at Koi Security have discovered the malicious extensions Bitcoin Black and Codo AI, which masquerade as a theme and an AI assistant. Both were released under the developer name BigBlack. At the time of the researchers’ report, Codo AI was still available on the store, although it had fewer than 30 downloads. Bitcoin Black had only one installation. According to experts, Bitcoin Black uses the “*”

Windows Cloud Files Mini Filter Vulnerability Under Active Exploitation

A zero-day vulnerability in the Windows Cloud Files Mini Filter driver (cldflt.sys) is being actively exploited. Microsoft has released urgent security updates to address this vulnerability. The vulnerability is rated high severity, with a CVSS v3.1 base score of 7.8; furthermore, according to the advisory released by Microsoft, attackers appear to be using working exploits on affected machines to gain SYSTEM privileges. A wide range of Windows operating systems, from the latest versions of Windows 11, such as 25H2, and Windows Server 2025, down to Windows 10 version 1809, are affected by this privilege escalation (PLE) vulnerability.

The Dark Side of AI: How Technology is Being Used to Control Humans

Cory Doctorow says it with the clarity of someone who has studied the consequences of digital capitalism for years: AI, as it’s sold today, isn’t about enhancing humans. It’s about using them. And that’s a huge difference. Doctorow talks about centaurs and reverse-centaurs. The centaur is the romantic image of technology that amplifies man: the half-human, half-machine being who, thanks to hybridization, becomes more competent, faster, more effective. The reverse-centaur, on the other hand, is the modern nightmare: the machine in command and the human relegated to the role of corrective appendage, the organic element necessary only for: And this,

Gartner Warns: AI-Powered Browsers Pose Significant Security Risks to Businesses

Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities. In a recent advisory, the company emphasizes that such tools pose unnecessary risks to corporate security and that their default settings are more focused on convenience than data protection. Gartner explains that AI-powered browsers include solutions like Perplexity’s Comet and OpenAI’s ChatGPT Atlas, which feature a sidebar with automated web page analysis capabilities, as well as mechanisms that allow the program to independently navigate websites and perform actions in authorized sessions. According to the report’s authors, this approach results in the content of active tabs,

Asus Hacked: Everest Ransomware Group Claims Data Breach

Asus announced that one of its suppliers had been hacked. Meanwhile, the Everest ransomware group claimed to have stolen a terabyte of data from three companies: Asus, Qualcomm, and ArcSoft. According to the criminal hackers, the data leak involved not only documents, but also the source code for the smartphone’s camera software, artificial intelligence models, and internal software. Asus representatives say the issue only affected one of the company’s suppliers: the attackers managed to access part of the phone’s camera software source code. However, the company insists that no damage was caused to its systems, products, or customer data. Disclaimer: This report

Fortinet Vulnerability: Critical FortiOS, FortiWeb, FortiProxy, FortiSwitchManager Update

Fortinet has reported a critical vulnerability affecting the FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager product lines in an urgent security advisory. If the vulnerability is exploited, an attacker could gain unauthorized administrative access to the device by crafting a targeted SAML message. The vulnerability is caused by the device’s failure to properly verify SAML message signatures. Fortinet recommends its customers update to the latest versions below. For organizations unable to apply the patches immediately, a workaround has been made available. By disabling the FortiCloud access feature, administrators can

Cybersecurity Certifications: Boost Your Career with CompTIA Security+

The cybersecurity landscape in Europe and Italy is rapidly evolving: increasing digitalization, regulations such as GDPR and NIS2, and the exponential increase in cyberattacks make it essential to invest in vertical cybersecurity expertise. In this article, we analyze and create a useful and effective roadmap for a career in cyber, from entry level to C-Level, with a focus and specific resources on CompTIA Security+ and the courses offered by the RedHot Cyber Academy. Entry-Level Certifications The ideal certifications for those starting out and/or wanting to start working in the cyber world: We highlight how the RedHot Cyber Academy’s Cybersecurity for Beginners course

US Allows Nvidia to Sell Advanced AI Chips to China, Easing Export Restrictions

It seems the White House isn’t entirely clear … at least judging by yet another change of heart regarding the sale of Nvidia’s advanced chips to China, with the Trump administration having decided to once again authorize exports of the H200 to select customers after months of restrictions. US President Donald Trump has authorized Nvidia to resume sales of its advanced H200 chip to select customers in China, following months of restrictions imposed amid tech tensions between Washington and Beijing. The announcement came on December 8 in a message posted by the president on social media, in which he reiterated

Taiwan Cracks Down on Submarine Cable Sabotage with New Laws

In recent years, Taiwan’s underwater infrastructure—electricity cables, gas pipelines, and water systems—has been damaged on several occasions, particularly communications cables. On December 9, the Legislative Yuan passed a third reading of a series of amendments to the Electricity Law, the Natural Gas Activities Law, and the Water Supply Law, part of a legislative package known as the “Seven Undersea Cable Laws.” The new rules establish harsher penalties for those who intentionally tamper with such infrastructure: imprisonment of up to seven years, with a maximum fine of NT$10 million. The new rules also provide for the confiscation of any vessels

Ransomware Attacks Decline in 2024, But Threat Remains High with $734M in Ransom

According to a recently released report by the Financial Crimes Enforcement Network (FinCEN), global ransomware activity peaked in 2023, only to plummet in 2024. This decline is attributed to successive attacks on large-scale ransomware groups, including ALPHV (BlackCat) and LockBit, through collaborative international investigations. FinCEN analyzed thousands of reports under the Bank Secrecy Act (BSA) filed by financial institutions between January 2022 and December 2024, identifying 4,194 cases of ransomware and over $2.1 billion in ransoms. This figure is nearly equal to the total reported in the eight-year period from 2013 to 2021. $4.5 billion: The ransomware economy between 2013 and