Vulnerabilities and CVE: Latest Critical Security Flaws

Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Category: Vulnerability

Constant monitoring of security vulnerabilities and bugs, focusing on the latest critical CVEs and risks to systems and digital infrastructure. Guides, patches, updates, and expert advice to prevent attacks and safeguard data. Red Hot Cyber provides in-depth analysis and expert content for IT professionals, organizations, and cybersecurity enthusiasts seeking to stay secure.

Numero di articoli trovati: 64

A PNG containing a Trojan. Astaroth persistently abuses GitHub.

McAfee researchers have reported new activity by the Astaroth banking trojan , which has started using GitHub as a persistent channel for distributing configuration data. This approach allows attackers to...

Oracle E-Business Suite Zero-Day Attack: Clop Exploits CVE-2025-61882

Last week, Oracle warned customers of a critical zero-day vulnerability in its E-Business Suite (CVE-2025-61882), which allows remote execution of arbitrary code without authentication. It has now been revealed that...

Oracle E-Business Suite 9.8 Vulnerability: Urgent Updates Needed

Oracle has published a security advisory regarding a critical vulnerability identified as CVE-2025-61882 in the Oracle E-Business Suite . The flaw can be exploited remotely without authentication , potentially allowing...

0-day 0-click WhatsApp! All it takes is one image to take control of your iPhone.

Some spyware producer is probably doing gymnastics... tearing their hair out. But it's the usual charade: someone finds, someone cashes in, someone integrates, and then the researcher on duty comes...

Two critical bugs in Cisco ASA and FTD: score 9.9 and risk of remote code execution

Cisco has disclosed two critical vulnerabilities affecting its Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) firewalls, as well as other networking products. Both flaws allow...

Zero-Day Vulnerabilities Found in Cisco IOS and IOS XE: Urgent Updates

Cisco has disclosed a zero-day vulnerability, tracked as CVE-2025-20352, in its widely used IOS and IOS XE software; this vulnerability appears to be actively exploited. This vulnerability was initially identified...

Security Alert: Vulnerability in Ivanti Endpoint Manager Mobile. CISA Warns

The U.S. Cybersecurity Agency (CISA) has issued an alert regarding two malware kits discovered on the network of an unidentified organization after exploiting new vulnerabilities in the Ivanti Endpoint Manager...

Samsung releases September 2025 security patch, fixing critical vulnerabilities.

A September 2025 security update has been released by Samsung to address a critical zero-day vulnerability that is currently being actively exploited. This patch includes fixes for a total of...

Microsoft warns: Critical vulnerabilities in Office! Users and admins at risk

On September 9, 2025, two significant vulnerabilities were discovered in Microsoft Office, for which dedicated patches were created. These vulnerabilities, if exploited by attackers, could allow malicious code to be...

An RCE in Apple CarPlay allows root access to vehicle infotainment systems

At the DefCon security conference, researchers presented a significant exploit chain that allows attackers to gain administrator permissions for vehicle entertainment systems through Apple CarPlay. The attack known as "Pwn...