Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

Rise of AI Degrees: Students Shift from Computer Science to AI

A marked shift in college student preferences is taking place in the United States. More and more young people are choosing degrees in artificial intelligence, abandoning traditional computer science, which is considered less career-secure than in the past. The phenomenon is evident at major universities. At MIT, the three-year program in “Artificial Intelligence and Decision Making,” launched in 2022, has become the university’s second-most popular program in just three years, after Computer Science. By 2025, enrollment is expected to reach approximately 330 students. Other universities are following suit. The University of South Florida launched an Artificial Intelligence and Cybersecurity Institute with over

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

Researchers have discovered a vulnerability, identified as CVE-2025-40602, affecting SonicWall’s SMA1000 series of secure access gateways. This flaw is particularly concerning because it could allow an attacker to escalate their privileges within a system without necessarily being present on it. The issue has been officially classified with a CVSS score of 6.6, but the real danger lies in how attackers could exploit it. In fact, the vulnerability has been described as a “local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 Appliance Management Console (AMC).” This vulnerability could significantly impact the security of organizations using these devices to

HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required

Cybersecurity is a serious issue, especially when it comes to vulnerabilities that can compromise an entire system. Hewlett Packard Enterprise (HPE) has just raised the alarm about a truly worrying security flaw in its flagship software, OneView. This vulnerability, identified as CVE-2025-37164, has a maximum CVSS score of 10.0, meaning it’s a very critical bug. In short, failing to update your systems puts you at significant risk, and updating is recommended before cybercriminals can gain access to your systems and cause cybersecurity incidents. OneView is the brains of data centers, managing servers, storage, and networking, and is the automation engine

CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog and highlighting that these flaws are currently being actively exploited by hackers. Among these is CVE-2025-20393, a critical zero-day vulnerability affecting Cisco Secure Email Gateway (SEG) and Web Manager (SEWM) devices, with a CVSS score of 10/10. This vulnerability, rated “maximum severity,” allows unauthenticated attackers to bypass all defenses and execute commands of their choosing with root privileges. The source of the issue lies in an incorrect input validation procedure in the Spam Quarantine feature, which is exposed to

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

A security flaw has been discovered in Microsoft’s Windows Admin Center (WAC). Essentially, a permissions error could allow any standard user to take control of a server. The Cymulate Research Labs team has published a new report detailing the discovery of CVE-2025-64669, a Local Privilege Escalation (LPE) vulnerability (CVSS 7.8). This vulnerability affects the most popular versions of the infrastructure management tool. In short, it’s a vulnerability that could jeopardize server security. The news came after an in-depth analysis by the research team, which focused on the issue. Apparently, the security flaw is a guest star in the most popular versions

Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation

It was only a matter of time. Governments around the world have now put their security systems on high alert. Indeed, a large-scale espionage operation conducted by a group of Chinese hackers known as Ink Dragon has recently been discovered. The goal? To transform hacked government servers into a distributed command-and-control network. In short, to use the victims as part of their command-and-control infrastructure. A modus operandi that has left security experts speechless. Ink Dragon has been active since early 2023, targeting government, telecommunications, and public sector organizations in Southeast Asia and South America. Even more disturbingly, it has increased its activity

Google Discontinues Dark Web Report, Shifts to Active Protection

No more useless alerts. No more passive monitoring. Less than two years after its launch, Google has decided to shut down one of the most talked-about digital security tools: the Dark Web Report. The feature, designed to help users find out if their personal data has ended up on the dark web, will cease to exist on February 16, 2026, while scans for new breaches will stop as early as January 15, 2026. According to the tech giant, the report “offered general information, but user feedback showed it didn’t provide concrete guidance on what to do.” Google now promises

CyberVolk Ransomware Flawed: Free File Recovery Possible

This isn’t the first time criminal hackers have made mistakes, and it won’t be the last. The pro-Russian hacktivist group CyberVolk launched the RaaS service VolkLocker (also known as CyberVolk 2.x). However, security researchers discovered that the malware’s developers made several mistakes that allowed victims to recover their files for free. SentinelOne researchers report that the attackers embedded the master encryption key directly into the malware binary and saved it as a plain text file in the %TEMP% folder. The file is called system_backup.key, and everything needed to decrypt the data can be easily extracted from it. Researchers speculate that it’s some sort

OSINT Ethics and Legality: Navigating Open Source Intelligence

Open Source Intelligence (OSINT) has emerged in recent years as one of the most fascinating, yet most insidious, disciplines in the information and security landscape. Its essence is remarkably simple: extracting and analyzing data from public sources—whether it’s a post on X, a financial statement filed with the Chamber of Commerce, or a scientific article—to transform it into concrete, actionable intelligence. What was once a technique reserved exclusively for government agencies is now a daily tool for investigators, journalists, threat intelligence analysts, and, inevitably, even malicious individuals. And it is precisely this democratization that forces us to ask a fundamental question: where

The Psychology of Passwords: Why Weak Passwords Persist

The psychology of passwords starts right here: trying to understand people before systems. Welcome to “The Mind Behind Passwords,” the column that looks at cybersecurity from a different perspective: that of people. In the digital world, we count everything: attacks, patches, CVEs, indicators. Yet the most crucial element continues to elude metrics: human behavior. Passwords prove it every day. They aren’t created in a lab, but in our heads: through memories, habits, shortcuts, anxieties, good intentions, and that hint of the belief that we’re “unpredictable” while we’re actually doing the exact opposite. Inside a password lies hidden routine, affection, nostalgia, moments of