Critical vulnerabilities and CVE: latest security flaws, patches and exploits

Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Category: Vulnerability

ragno spider malware Constant monitoring of security vulnerabilities and bugs, focusing on the latest critical CVEs and risks to systems and digital infrastructure. Guides, patches, updates, and expert advice to prevent attacks and safeguard data. Red Hot Cyber provides in-depth analysis and expert content for IT professionals, organizations, and cybersecurity enthusiasts seeking to stay secure.

Numero di articoli trovati: 12

Linux Under Fire: Just 4 Bytes Are Enough for Root Access

A newly discovered vulnerability, tracked as CVE-2026-31431 and nicknamed Copy Fail, stands out as one of the most insidious Linux kernel bugs identified in recent years. The issue originates in...

From CVSS 9.8 to 7.0: What Happened to the Telegram Bug?

Yesterday, a critical vulnerability affecting the Telegram messenger was reported in the registry of the Zero Day Initiative (ZDI), identified as ZDI-CAN-30207. The issue was discovered by Michael DePlante, a...

Just one Telegram sticker can hack you: the critical 9.8 RCE vulnerability still has no patch

There is something deeply unsettling about this vulnerability: no click is required, nothing needs to be opened. Simply receiving the content is enough. Researchers from the Trend Micro Zero Day...

A RCE vulnerability in Wing FTP Server rated 10 opens the door to 10,000 companies.

Huntress researchers have detected active exploitation of a critical vulnerability in Wing FTP Server, just one day after its public disclosure. The vulnerability CVE-2025-47812 has been assigned the highest severity...

Critical Vulnerabilities Discovered in Hundreds of Brother and Other Printers

Hundreds of printer models from Brother and other manufacturers (Fujifilm, Toshiba, Ricoh and Konica Minolta) have been found to be vulnerable to serious vulnerabilities discovered by researchers at Rapid7. For...

Echelon Stealer: The Open Source Malware

Echelon Stealer is an infostealer malware that was first discovered in 2018 and is still active. Currently shared as an open-source tool on GitHub, Echelon Stealer offers various advanced features...

PoC Released for SQL Injection Without Authentication on WordPress WZone Plugin

A proof of concept (PoC) for a critical vulnerability identified as CVE-2024-33544 has recently been released. This vulnerability involves an unauthenticated SQL injection, which poses a serious threat to the...

Dangerous 0day Windows LPE Vulnerability for Sale in the Underground

A malicious actor, under the name "tikila", has posted an advertisement on a hacking forum for the sale of a local privilege escalation (LPE) vulnerability for Windows. According to the...

Critical Apache Tomcat Vulnerability CVE-2024-34750 Could Bring Your Server to a Halt!

The vulnerability CVE-2024-34750 in Apache Tomcat, as described in the security bulletin AL01/240705/CSIRT-ITA, concerns an issue that can be exploited to overload the server's computing resources, leading to a Denial...

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and with a CVSS score of 7.8 (high), allows a low-privileged attacker...