Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime

Embracing Vulnerability for Authentic Leadership and Team Growth

We’re connected, connected to everything, hyperconnected. Our professional and social lives are dictated by extremely tight deadlines and a constantly rising bar; we must push. We tacitly demand that we be perfect machines, infallible systems, active, proactive, always alert. But wait a moment: human beings are not machines and, without a doubt, are not perfect. In an operating system or complex software, we know that, at some point, a system bug or structural weakness will likely be found and immediate action will be taken to repair or prevent damage or potential damage. So why do we accept fragility in the systems we

CISA Warns: Avoid Personal VPNs for Secure Mobile Communications

In new mobile communications advisories, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stern warning to smartphone owners: avoid using personal VPN services. The document, aimed at iPhone and Android users, states that such services often don’t mitigate risks, but simply change the focus of threats. According to CISA, personal VPNs transfer residual risks from the ISP to the VPN provider, often increasing the attack surface. The user effectively transfers trust to the VPN service, and many of these providers, according to the agency, have questionable security and privacy policies. The warning is part of a broader campaign

SAP Security Update Fixes Critical Code Injection Vulnerability in Solution Manager

SAP has just released its latest annual security update, which contains 14 new security bug fixes. Among them is a critical “code injection” flaw in SAP Solution Manager that poses a high risk to the integrity of enterprise systems, with a severity rating very close to maximum. This vulnerability, which has a CVSS score of 9.9, is labeled “Critical.” Its cause lies in the lack of proper input sanitization, which allows an authenticated attacker to execute malicious code by calling a function module that can be enabled remotely. In this collection of fixes, two other critical notes emerge: One of the most

Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines

A critical vulnerability, identified as “PromptPwnd,” affects AI agents that are integrated into the GitLab CI/CD and GitHub Actions pipelines. Through this vulnerability, attackers are able to inject malicious commands via unsafe user input. This tricks AI models into performing operations with elevated privileges, which could lead to the disclosure of confidential information or modification of workflows. Agents like Gemini CLI, Anthropic’s Claude Code, OpenAI Codex, and GitHub AI Inference then process these inputs alongside high-privilege tools, including gh issue edit or shell commands that access GITHUB_TOKEN, API keys, and cloud tokens. The attack chain discovered by Aikido Security begins

LLM-Powered Malware: The Future of Autonomous Cyber Threats

Researchers at Netskope Threat Labs have just published a new analysis on the possibility of creating autonomous malware built exclusively from Large Language Models (LLMs), eliminating the need to encode detectable instructions. LLMs have rapidly revolutionized the industry, becoming valuable tools for automation, coding assistance, and research. However, their widespread adoption raises a number of critical cybersecurity challenges. It is now possible to have malware interact with GPT-3.5-Turbo and GPT-4, which establishes the possibility of an autonomous threat powered by LLMs. Netskope Threat Labs set out to test the feasibility and reliability of fully autonomous malware generated by LLMs. Their tests confirmed

Intellexa Exploits Zero-Day Vulnerabilities with Spyware

Despite significant geopolitical challenges, the mercenary spyware industry remains a resilient and persistent threat; in this context, the well-known vendor Intellexa continues to expand its arsenal. A recent report from the Google Threat Intelligence Group (GTIG) highlights how the company, famous for its “Predator” spyware, is not only resisting US sanctions, but is also actively circumventing restrictions to continue to thrive, by exploiting a steady stream of zero-day vulnerabilities. Intellexa has built a formidable reputation in the surveillance market. According to a Google analysis, the vendor has “solidified its position as one of the most prolific, if not the

Malaysia Cracks Down on Bitcoin Mining Thefts

Thieves usually target tangible assets: cash or non-cash, jewelry, cars. But with cryptocurrencies, things are much stranger. Malaysian police are hunting down around 14,000 illegal Bitcoin mining companies that have stolen approximately $1.1 billion in electricity from the country’s grid over the past five years. To detect these underground mining operations, law enforcement agencies are forced to deploy drones and use handheld sensors to detect anomalous energy consumption. The result is a virtual cat-and-mouse game of espionage, clearly demonstrating how profitable cryptocurrency mining can be when someone else pays for the electricity. Bitcoin’s price surged this year, reaching a new

Australia Bans Social Media for Under 16s: What You Need to Know

Australia is soon to introduce groundbreaking legislation banning social media access for children under 16, an initiative that will set a precedent worldwide. A similar measure will soon be adopted in Malaysia, Denmark, and Norway, which will follow Australia’s lead, while the European Union, with a recently approved resolution, has expressed its intention to introduce similar restrictions. As the legislation comes into force on December 10, millions of Australian teenagers and their families are anxiously awaiting its implementation, wondering what the actual implications of this ban will be. The Australian government’s new initiative to limit teens’ access to social media is already

Palo Alto Networks VPN Vulnerability Exploited by Hackers

An increasingly aggressive campaign, directly targeting remote access infrastructure, has prompted threat actors to actively attempt to exploit vulnerabilities in Palo Alto Networks’ GlobalProtect VPN portals. On December 5, Palo Alto Networks issued an urgent advisory, urging customers to adopt multi-factor authentication (MFA), limit portal exposure through firewalls, and apply the latest patches. Organizations using the popular VPN solution to secure remote work have been put on high alert, according to GreyNoise’s monitoring report, which detected scans and exploitation efforts from over 7,000 unique IP addresses globally. [Figure: Targeting observed by IP (Source: GreyNoise)] Starting in late November 2025, attacks