Vulnerabilities and CVE: Latest Critical Security Flaws

Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Category: Vulnerability

Constant monitoring of security vulnerabilities and bugs, focusing on the latest critical CVEs and risks to systems and digital infrastructure. Guides, patches, updates, and expert advice to prevent attacks and safeguard data. Red Hot Cyber provides in-depth analysis and expert content for IT professionals, organizations, and cybersecurity enthusiasts seeking to stay secure.

Numero di articoli trovati: 64

Apache Jackrabbit RCE Vulnerability: Exploitation in Progress, Update Now

A dangerous vulnerability has been discovered in Apache Jackrabbit that could lead to remote execution of arbitrary code and compromise enterprise systems. The issue is registered as CVE-2025-58782 and affects...

Attackers are using Velociraptor for cyberattacks. Rapid7 is aware

Sophos security specialists have drawn attention to a cyberattack in which unknown attackers used the open-source forensic tool Velociraptor to monitor endpoints. "In this incident, attackers used a tool to...

Android Colabrodo Edition: 120 vulnerabilities and two zero-days fixed

Google developers have released security updates for Android that address 120 operating system vulnerabilities. Two of these vulnerabilities, according to the company, have already been exploited by hackers in targeted...

Critical vulnerability in IIS Web Deploy: PoC exploit is now public

This week, a proof-of-concept exploit was published for CVE-2025-53772, a critical remote code execution vulnerability in Microsoft's IIS Web Deploy (msdeploy) tool, which has raised urgent alarms in the .NET...

Living-off-the-Land 2.0: When Attackers Weaponize Security Tools

Sophos has warned of an increasingly sophisticated attacker practice: the use of legitimate cybersecurity tools as part of a Living-off-the-Land (LotL) tactic, in which an attack is carried out using...

Critical vulnerabilities are on the rise! Awareness, Patching, and Audits are key.

According to a Kaspersky Lab report, the use of vulnerabilities increased significantly in the second quarter of 2025: almost every subsystem of modern computers was attacked, from UEFI to browser...

Critical vulnerabilities in NetScaler ADC and Gateway. Update now! Attacks are ongoing!

NetScaler has alerted administrators of three new vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is already being used in active attacks. Updates are available and the vendor...

Critical Score 10 Vulnerability in Erlang/Open Telecom Platform: Active Exploits on the Rise

Researchers recorded that a critical flaw in the Erlang/Open Telecom Platform SSH stack implementation began being actively exploited as early as early May 2025; approximately 70% of detections occurred on...

Did you respond to IT support on Teams? Congratulations! The Trojan is on your PC with rights that exceed yours.

The research team at Trustwave SpiderLabs has identified a new wave of EncryptHub attacks that combine human error and the exploitation of a vulnerability in the Microsoft Management Console. Operators...

Heading for a bang for August! 36 RCEs for Microsoft Patch Tuesday August

August Patch Tuesday: Microsoft releases security updates that fix 107 vulnerabilities across its ecosystem products. The update includes fixes for 90 vulnerabilities, classified as follows: 13 are critical, 76 are...