Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Vulnerability

OWASP Top 10 2025: New Web Application Threats, Supply Chain Top Three

After four years, OWASP has updated its TOP 10 list of the most dangerous web application risks, adding two new categories and revising the ranking structure. The organization has released...

What is a zero-day and the risk of targeted cyber attacks

Zero-day vulnerabilities are one of the greatest cybersecurity risks for organizations. These are unknown and unpatched vulnerabilities that attackers exploit to penetrate IT systems and compromise data security. In this...

The world of software vulnerabilities: how they’re exploited, who creates them, and how to protect yourself.

Software vulnerabilities pose a threat to cybersecurity because hackers can exploit them to gain access to computer systems. A software vulnerability is a flaw in software that can be used...

QNAP fixes 7 critical NAS bugs discovered at Pwn2Own Ireland 2025

QNAP has fixed seven critical zero-day vulnerabilities in its Network Attached Storage (NAS) operating systems after a group of researchers successfully exploited them at Pwn2Own Ireland 2025, held in...

Critical vulnerability in Blink: a website can block all Chromium-based browsers

Researcher José Pino has presented a proof-of-concept vulnerability in the Blink rendering engine used in Chromium-based browsers, demonstrating how a single web page can crash many popular browsers and...

Malware alert: Critical WordPress plugin vulnerabilities actively exploited

Wordfence is raising the alarm about a large-scale malware campaign in which attackers are exploiting critical vulnerabilities in the popular WordPress plugins GutenKit and Hunk Companion. The company blocked...

CoPhish is coming! Microsoft Copilot Studio used to steal accounts

Attackers are using an advanced phishing technique, known as CoPhish, that leverages Microsoft Copilot Studio to trick users into granting unauthorized access to their Microsoft Sign In ID accounts. A...

Oracle Critical Patch Update October 2025: 374 vulnerabilities fixed

Oracle has released its new quarterly security update, the October 2025 Critical Patch Update, which addresses 374 vulnerabilities identified in numerous Oracle products. This is one of the largest...

Visual Studio Code under attack: GlassWorm worm spreads via extensions

Researchers at Koi Security have detected a supply chain attack using OpenVSX and the Visual Studio Code Marketplace. Criminal hackers are distributing self-replicating malware called GlassWorm, which has already...

EDR-Freeze Arrives! It Puts Windows into a Deep Coma Without Vulnerable Drivers

A Zero Salarium specialist has presented a method that temporarily disables antivirus processes and EDR agents on Windows using built-in system tools. The article details the concept and operational tool,...