Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Bug and vulnerability

The Race to 0day! China Advances in Offensive Cyberpower, While the US Is Forced to Chase

China’s rise has prompted U.S. officials to stress the need to improve America’s offensive cyber capabilities. Doubts remain, however, about whether the United States can meet the challenge, given its heavy dependence on foreign suppliers and a shortage of domestic cyber skills, both of which could constrain the resources and manpower available. Industry experts point out that China has turned the East Asian security ecosystem into a unique opportunity for itself. Since 2016, Beijing has pursued a strategy of purchasing and acquiring unique hacking tools intended for military and intelligence purposes, precluding the United States

Critical Vulnerabilities Discovered in Hundreds of Brother and Other Printers

Hundreds of printer models from Brother and other manufacturers (Fujifilm, Toshiba, Ricoh and Konica Minolta) have been found to carry serious vulnerabilities discovered by researchers at Rapid7. For example, the printers ship with a default administrator password that remote attackers can generate. In total, the researchers identified eight distinct issues in Brother printers:

CVE | Description | What does it affect? | CVSS
CVE-2024-51977 | An unauthenticated attacker can cause the leak of sensitive information. | HTTP (port 80), HTTPS (port 443), IPP (port 631) | 5.3
CVE-2024-51978 | An unauthenticated attacker can generate a default password for the administrator. | HTTP (port 80), HTTPS

Citrix: New Critical 9.2 Vulnerability Affects NetScaler – Attacks Underway!

Citrix has reported a new critical vulnerability in its NetScaler appliances that is already being actively exploited. The flaw, tracked as CVE-2025-6543, affects the widely deployed NetScaler ADC and NetScaler Gateway products that companies use for remote access and network perimeter protection. As Citrix’s official note states, exploitation of this vulnerability has already been observed in real attacks. CVE-2025-6543 (CVSS score: 9.2) allows a remote, unauthenticated attacker to send a specially crafted request that causes the device to malfunction and become unavailable: a complete denial of service that can paralyze the functioning of a company’s infrastructure. The vulnerability affects versions of

Zero-Click Attack on Notepad++. HackerHood Tested the Exploit and It Really Works with Little

A dangerous vulnerability has been discovered in the latest version of the popular text editor Notepad++ that allows an attacker to gain complete control over the system. The vulnerability is tracked as CVE-2025-49144 and affects version 8.8.1 of the installer, released on May 5, 2025. The issue stems from a “binary planting” (executable file replacement) weakness: the installer loads executables from its current working directory without verifying them. Researchers found that an attacker can place a malicious file, such as a modified regsvr32.exe, in the same folder as the installer. On startup, the installer will automatically execute the malicious
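The attack described above works only if an executable named like a system binary is sitting next to the installer. The following check, added here as an example (it is not HackerHood’s exploit nor any Notepad++ project code), scans the installer’s directory for such names and, when a reference directory such as C:\Windows\System32 is supplied, compares the file’s SHA-256 with the genuine copy. regsvr32.exe is the name the article cites; the other watched names, the hypothetical `setup.exe` installer and the byte contents in `demo()` are constructed assumptions.

```python
"""Check an installer's directory for planted executables (added example)."""
import hashlib
import tempfile
from pathlib import Path

# regsvr32.exe is the binary the article names; the other entries are assumed
# examples of names an installer might resolve from its own directory.
WATCHED_NAMES = {"regsvr32.exe", "msiexec.exe", "cmd.exe", "powershell.exe"}


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_planted(installer_dir, system_dir=None):
    """Return one finding per watched name found next to the installer.

    `matches_system_copy` is True/False when `system_dir` holds a file of the
    same name (normally C:\\Windows\\System32) and None when no comparison was
    possible. Name matching is case-insensitive, as NTFS lookup is.
    """
    findings = []
    for entry in sorted(Path(installer_dir).iterdir()):
        if not entry.is_file() or entry.name.lower() not in WATCHED_NAMES:
            continue
        finding = {"name": entry.name, "path": str(entry), "matches_system_copy": None}
        if system_dir is not None:
            reference = Path(system_dir) / entry.name
            if reference.is_file():
                finding["matches_system_copy"] = sha256_of(reference) == sha256_of(entry)
        findings.append(finding)
    return findings


def demo():
    """Constructed scenario: a Downloads folder holding an installer plus a
    planted regsvr32.exe whose bytes differ from a (fake) System32 copy."""
    with tempfile.TemporaryDirectory() as tmp:
        downloads = Path(tmp) / "Downloads"
        system32 = Path(tmp) / "System32"
        downloads.mkdir()
        system32.mkdir()
        (downloads / "setup.exe").write_bytes(b"MZ installer placeholder")      # constructed
        (downloads / "regsvr32.exe").write_bytes(b"MZ planted payload")        # constructed
        (system32 / "regsvr32.exe").write_bytes(b"MZ genuine binary")          # constructed
        return find_planted(downloads, system32)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A name collision alone is already suspicious, because nothing legitimate should put regsvr32.exe in a Downloads folder; the hash comparison only tells you whether the planted file is a verbatim copy of the real one (harmless) or something else. Running installers from an empty, freshly created directory sidesteps the problem entirely.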

FortiGate Under Attack: Tools for Mass Exploitation of Exposed APIs for Sale

A malicious actor has advertised on the dark web an exploit aimed at compromising FortiGate devices. The exploit, priced at $12,000, appeared for sale on the well-known underground forum Exploit. The post, published by a user with the pseudonym Anon-WMG, presents a tool that is claimed to compromise Fortinet devices at scale by abusing exposed APIs. Technical features of the exploit: called “FortiGate API Dump Exploit (~7.2 and below)”, the tool is claimed to interact with over 170 FortiGate API endpoints, with declared compatibility for versions 6.x

Fortinet Issues Bulletin for Critical 9.8 Bug on FortiManager under Active Exploitation

Fortinet recently disclosed a critical vulnerability, tracked as CVE-2024-47575, affecting FortiManager. It is a missing authentication for critical function weakness [CWE-306] in the FortiManager fgfmd daemon, which could allow an unauthenticated remote attacker to execute arbitrary code or commands via specially crafted requests. With a CVSS score of 9.8, this flaw poses a significant threat to organisations running these systems.

Version | Affected | Solution
FortiManager 7.6 | 7.6.0 | Upgrade to 7.6.1 or above
FortiManager 7.4 | 7.4.0 through 7.4.4 | Upgrade to 7.4.5 or above
FortiManager 7.2 | 7.2.0 through 7.2.7 | Upgrade to 7.2.8 or above
FortiManager 7.0 | 7.0.0 through 7.0.12 | Upgrade to 7.0.13 or above
FortiManager
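A practitioner with more than a handful of FortiManager instances wants the table above applied to an inventory rather than read by eye. The script below is an added example (not Fortinet tooling) that encodes only the rows reproduced in the article; because the article’s table is cut off after the 7.0 row, any other branch is reported as “not-in-table” rather than as safe. The inventory, hostnames and version strings are constructed.

```python
"""Fleet triage against the CVE-2024-47575 affected-version table (added example)."""

# Rows transcribed from the advisory table as reproduced in the article:
# branch -> (first affected, last affected, first fixed). Branches missing here
# are unknown, not safe: the article's copy of the table is truncated.
AFFECTED_RANGES = {
    (7, 6): ((7, 6, 0), (7, 6, 0), "7.6.1"),
    (7, 4): ((7, 4, 0), (7, 4, 4), "7.4.5"),
    (7, 2): ((7, 2, 0), (7, 2, 7), "7.2.8"),
    (7, 0): ((7, 0, 0), (7, 0, 12), "7.0.13"),
}


def parse_version(text):
    """Turn '7.4.3' or 'v7.4.3' into a comparable (major, minor, patch) tuple."""
    parts = text.strip().lower().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiManager version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version_text):
    """Return (status, minimum fixed version or None) for one appliance."""
    version = parse_version(version_text)
    row = AFFECTED_RANGES.get(version[:2])
    if row is None:
        return ("not-in-table", None)
    low, high, fixed = row
    if low <= version <= high:
        return ("affected", fixed)
    return ("fixed", None)  # above the affected range of its own branch


def triage(inventory):
    """inventory: iterable of (hostname, version string). Returns hosts needing action."""
    actions = {}
    for host, version_text in inventory:
        try:
            status, fixed = assess(version_text)
        except ValueError as exc:
            status, fixed = ("unparseable", str(exc))
        if status != "fixed":
            actions[host] = (status, fixed)
    return actions


# Constructed inventory; hostnames and versions are not real.
SAMPLE_INVENTORY = [
    ("fmg-emea-01", "7.4.3"),
    ("fmg-apac-01", "v7.2.8"),
    ("fmg-lab-01", "7.0.12"),
    ("fmg-legacy-01", "6.4.14"),
    ("fmg-test-01", "7.6.0"),
]

if __name__ == "__main__":
    for host, (status, fixed) in triage(SAMPLE_INVENTORY).items():
        advice = f" -> upgrade to {fixed} or above" if status == "affected" else ""
        print(f"{host}: {status}{advice}")
```

Treat “not-in-table” hosts as action items too: check them against Fortinet’s full advisory, since the copy reproduced here stops before the older branches.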

Echelon Stealer: The Open Source Malware

Echelon Stealer is an infostealer first discovered in 2018 and still active today. Currently shared as an open-source tool on GitHub, it offers a range of advanced features for extracting sensitive data. Although presented as an educational project, its potential for malicious use is significant. What is an infostealer? An infostealer is a type of malware designed specifically to steal sensitive information from infected devices. It can gather a wide range of data, including: Infostealers are often distributed through phishing campaigns, malicious email attachments, compromised software downloads and other social engineering techniques. Once installed, the infostealer collects data

Microsoft releases USB tool to fix CrowdStrike BSOD problem on Windows 10 and 11

Microsoft has released a tool for system administrators that simplifies fixing the blue screen of death (BSOD) on Windows 10 and 11 computers. The solution relies on a bootable USB drive and a dedicated script, MsftRecoveryToolForCS.ps1. CrowdStrike had already published a fix for the logic error that caused the mass BSODs, but most affected machines cannot receive it automatically because they are stuck in a failed state. Restoring customers’ IT systems after the global outage of CrowdStrike’s software on Windows can take weeks, because system administrators are forced to manually restore PCs, servers and laptops

PoC Released for SQL Injection Without Authentication on WordPress WZone Plugin

A proof of concept (PoC) for a critical vulnerability tracked as CVE-2024-33544 has recently been released. The flaw is an unauthenticated SQL injection, which poses a serious threat to the security of the many web applications running the affected plugin. The National Vulnerability Database (NVD) has published the details of the vulnerability, underlining the importance of addressing it promptly. Vulnerability Details: CVE-2024-33544 is an SQL injection vulnerability that lets attackers execute arbitrary SQL commands against the database without any authentication. This class of attack exploits gaps in the validation of user-supplied input, allowing the SQL queries sent to the database to be manipulated. When
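To make the mechanism concrete, here is an added example (not the WZone plugin’s code nor the released PoC) of the same class of flaw against a constructed SQLite schema: a product search that splices the user’s term into the query, beside the parameterised version. The table names, rows and the `wp_users` password hash are all constructed.

```python
"""Unauthenticated SQL injection, vulnerable vs parameterised (added example)."""
import sqlite3


def setup_db():
    """Constructed in-memory database standing in for a WordPress-style schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL);
        INSERT INTO products (name, price) VALUES ('Widget', 9.99), ('Gadget', 19.99);
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT);
        INSERT INTO wp_users (user_login, user_pass)
            VALUES ('admin', '$P$constructed-phpass-hash');
        """
    )
    return conn


def search_vulnerable(conn, term):
    """Builds the query by string formatting: the user-controlled term becomes SQL.
    No session or nonce is checked, which is what makes the bug unauthenticated."""
    sql = f"SELECT name, price FROM products WHERE name LIKE '%{term}%'"
    return conn.execute(sql).fetchall()


def search_safe(conn, term):
    """Same query with a bound parameter: the term can only ever be a LIKE pattern.
    LIKE metacharacters are escaped too, so '%' in the input is not a wildcard."""
    pattern = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT name, price FROM products WHERE name LIKE ? ESCAPE '\\'"
    return conn.execute(sql, ("%" + pattern + "%",)).fetchall()


# Constructed payload: closes the LIKE literal, appends a UNION that pulls user
# credentials out of another table, then comments out the trailing quote.
PAYLOAD = "%' UNION SELECT user_login, user_pass FROM wp_users -- "


def demo():
    """Run the same payload through both implementations and return the rows."""
    conn = setup_db()
    return {
        "vulnerable": search_vulnerable(conn, PAYLOAD),
        "safe": search_safe(conn, PAYLOAD),
        "safe_normal_search": search_safe(conn, "Wid"),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

The vulnerable path returns the product rows plus the admin login and password hash, because the resulting statement is a UNION of two selects; the parameterised path returns nothing for the payload and still finds “Widget” for an ordinary search. The ESCAPE clause is a separate point from injection: without it, a `%` in user input is a wildcard, which is not a security bug but can still return rows the caller did not intend.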

Citrix NetScaler ADC and Gateway plagued by serious DoS and Open Redirect flaws

Two vulnerabilities have been identified in NetScaler ADC and NetScaler Gateway. Affected Versions: The following supported versions of NetScaler ADC and NetScaler Gateway are vulnerable: These appliances are widely used to improve application performance and to provide controlled, secure access to sensitive data. Note: Version 12.1 of NetScaler ADC and NetScaler Gateway is now End Of Life (EOL) and is vulnerable; customers are advised to upgrade their appliances to supported versions. Vulnerability Summary: NetScaler ADC and NetScaler Gateway are affected by the following vulnerabilities: Recommended Actions for Customers: Cloud Software Group strongly advises affected NetScaler ADC and NetScaler Gateway customers to immediately install