Two significant elevation of privilege vulnerabilities affecting Windows BitLocker encryption have been addressed by Microsoft. These flaws, identified as CVE-2025-54911 and CVE-2025-54912, have been classified as high severity. These vulnerabilities...
Adobe has reported a critical bug (CVE-2025-54236) affecting the Commerce and Magento platforms. Researchers have called this vulnerability SessionReaper and describe it as one of the most serious in the...
A Limes Security researcher, under the pseudonym f0rw4rd, has presented a new tool for developers and testers: tls-preloader. This is a universal library that allows you to completely disable TLS...
Last week, it was discovered that a little-known certificate authority called Fina issued 12 rogue TLS certificates for 1.1.1.1 (a popular Cloudflare DNS service) between February 2024 and August 2025,...
A security flaw has been discovered in Fortinet's FortiDDoS-F product line that could allow a privileged attacker to execute prohibited commands. The vulnerability, classified as CVE-2024-45325, involves an operating system...
Microsoft Corporation, according to Datacenter Dynamics, has joined the World Nuclear Association (WNA), an international nonprofit organization based in London that promotes nuclear energy. The World Nuclear Association was founded...
An independent researcher named Alexander Popov has presented a new technique for exploiting a critical vulnerability in the Linux kernel, assigned the identifier CVE-2024-50264. This use-after-free error in the AF_VSOCK...
Google wants to make it easier for users to access AI Mode by allowing them to set it as their default search (instead of traditional links). AI Mode is a...
Manuel Roccon, leader of Red Hot Cyber's HackerHood ethics team, has created a detailed video demonstration on YouTube that demonstrates in a practical way how the exploit based on the...
eSentire has reported the discovery of a new botnet called NightshadeC2, which uses unconventional methods to bypass protection and sandboxes. The malware is distributed via counterfeit versions of legitimate programs...
Stay updated with the latest cybersecurity news in real time, including critical vulnerability alerts, zero-day exploits, software patches and data breach reports. Expert analysis on global cyber threats, hacking campaigns, malware and ransomware activities, curated by the Red Hot Cyber editorial team to provide timely insights, context and awareness for security professionals and organizations worldwide.
