Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Banner Ancharia Mobile 1
970x120

Category: Cybercrime and Darknet

DeepSeekMath-V2 Revolutionizes Math with AI-Powered Proof Verification

Redazione RHC 30/11/2025

The Chinese company DeepSeek has introduced a new specialized model for solving mathematical problems , DeepSeekMath-V2. This large-scale language model, specifically designed for theorem proving and Olympiad problems, is unique in that it not only produces answers but also verifies the correctness of its own reasoning. DeepSeekMath-V2 essentially answers an age-old question in artificial intelligence: how to ensure that a model has arrived at the correct solution fairly, rather than guessing the outcome or finding a shortcut that is incorrect . Most modern models are trained to arrive at the correct final answer more frequently, for which they are rewarded with a

Shai-Hulud Attack: npm Supply Chain Compromised Again

Redazione RHC 30/11/2025

The npm ecosystem is once again at the center of a large-scale supply chain attack attributed to the Shai-Hulud campaign. This wave has led to the release of hundreds of seemingly legitimate packages , but altered with malicious code, involving libraries used in popular services such as Zapier, ENS Domains, PostHog, and Postman. According to initial analyses, the attackers’ primary goal was to steal developer credentials and tokens used in continuous integration and deployment (CI/CD) processes. The stolen information was then automatically sent to GitHub in encrypted form. To date, over 27,600 records related to this operation have been identified on GitHub.

ChatGPT to Introduce Targeted Ads, Changing Monetization Strategy

Redazione RHC 29/11/2025

Until now, ChatGPT has been ad-free: no banners, no hidden promotions. Even the paid versions worked without pushy offers. But that could change soon. As reported by user X (formerly of Twitter) under the pseudonym Tibor , references to a new advertising feature appeared in the beta version of the Android app ChatGPT (1.2025.329) . The code contained phrases such as “advertising feature”, “bazaar content”, as well as ” search ad” and “search ad carousel”. For now, it looks like ads will only appear in integrated searches, such as when artificial intelligence accesses the internet to answer a query. But over time,

GitLab Security Updates Fix High-Severity Vulnerabilities CVE-2024-9183

Redazione RHC 29/11/2025

GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address several high-severity vulnerabilities . The newly released patches 18.6.1, 18.5.3, and 18.4.5 address security vulnerabilities that could allow attackers to bypass authentication, steal user credentials, or launch denial-of-service (DoS) attacks on compromised servers . GitLab security experts and administrators are encouraged to update their self-hosted instances immediately . GitLab.com has completed the patch rollout to protect users. Title Severity Race condition issue in CI/CD cache impacts GitLab CE/EE High Denial of Service issue in JSON input validation middleware impacts GitLab CE/EE High Authentication bypass issue

Apache SkyWalking Vulnerability Exposes Users to XSS Attacks

Redazione RHC 29/11/2025

A vulnerability was recently discovered in Apache SkyWalking , a popular application performance monitoring tool, that attackers could exploit to execute malicious scripts and launch cross-site scripting (XSS) attacks . The vulnerability, identified as CVE-2025-54057 , affects all versions of SkyWalking, up to version 10.2.0. This vulnerability falls under the category of ” stored cross-site scripting (XSS) .” This means that an attacker can inject malicious code into a web page, and when other users view that web page, the code will be executed in their browsers. This could lead to a variety of security issues, including the theft of login credentials

Bloody Wolf Attacks Central Asia with NetSupport RAT via Java Exploits

Redazione RHC 29/11/2025

Group-IB specialists have recorded new attacks by the Bloody Wolf hacker group, which has been targeting Kyrgyzstan since June 2025 and has expanded its operations to Uzbekistan since October. The financial sector, government agencies, and IT companies are at risk. According to researchers, the attackers are impersonating the Kyrgyz Ministry of Justice, using fake PDF documents and seemingly legitimate domains, but are actually distributing Java archives (JARs) containing the NetSupport RAT malware. Bloody Wolf has been active since at least the end of 2023. Previously, the group targeted Kazakhstan and Russia, distributing STRRAT and NetSupport via phishing attacks. The group’s geographic reach

WhatsApp Blocked in Russia: Messaging App Faces Crackdown

Redazione RHC 28/11/2025

The Russian Federation’s Roskomnadzor has announced that it continues to impose systematic restrictions on the messaging app WhatsApp due to violations of Russian law. According to the agency, the service is being used to organize and carry out terrorist attacks in Russia, recruit terrorists, and commit fraud and other crimes against citizens. The report states that WhatsApp fails to comply with requirements aimed at preventing and combating crime in Russia. The regulator emphasized that, under such circumstances, restrictions on the messaging service will be extended, and if it continues to violate Russian law, the service could be completely blocked in the country.

CEO Scam: How to Protect Your Company from Business Email Compromise

Redazione RHC 28/11/2025

This morning, Paragon Sec was contacted by an Italian company that had been the victim of a new fraud attempt known as the CEO Scam . The accounting department received an urgent email, apparently from their CEO, requesting immediate payment of a €4,000 invoice. The message, accompanied by a seemingly authentic invoice, indicated the need for an immediate transfer. The employee in charge of payments, believing he was following a direct order from his manager, made the transfer without further verification . Only later did the bank discover that the IBAN indicated was associated with a fraudulent entity and promptly blocked the

Shai-Hulud Worm Spreads Beyond npm, Attacks Maven

Redazione RHC 28/11/2025

The Shai-Hulud worm has spread beyond the npm ecosystem and was discovered in Maven . Socket specialists noticed an infected package on Maven Central containing the same malicious components used in the second wave of Shai-Hulud attacks. Experts have identified the org.mvnpm:posthog-node:4.18.1 package on Maven Central, which contains two components characteristic of Shai-Hulud: the setup_bun.js loader and the main payload bun_environment.js. Currently, this is the only Java package found containing this malware. “The PostHog project was compromised in both the JavaScript/npm and Java/Maven ecosystems, with the same payload, Shai-Hulud v2, being used in all cases,” the researchers write. It’s important to note

11.7% of jobs could be replaced by artificial intelligence

Redazione RHC 28/11/2025

Artificial intelligence is currently capable of performing work equivalent to 11.7% of US employment . And not just in theory: in terms of monetary value, this value is already comparable to the salaries of human workers. An MIT study , developed as part of Project Iceberg , shows that, at the current level of technological development, it is possible to automate tasks worth approximately 1.2 trillion dollars, a market share in which artificial intelligence can already perform the same functions as humans, while costing less. Unlike previous estimates, which were based on assumptions about the “susceptibility of professions to automation,” the researchers

Category