Vulnerabilities and CVE: Latest Critical Security Flaws

Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Category: Vulnerability

Constant monitoring of security vulnerabilities and bugs, focusing on the latest critical CVEs and risks to systems and digital infrastructure. Guides, patches, updates, and expert advice to prevent attacks and safeguard data. Red Hot Cyber provides in-depth analysis and expert content for IT professionals, organizations, and cybersecurity enthusiasts seeking to stay secure.

Numero di articoli trovati: 64

Critical RCE vulnerability in Microsoft Teams: Urgent update needed

As part of the August 2025 Patch Tuesday security updates, a critical Remote Code Execution (RCE) vulnerability in Microsoft's Teams collaboration software has been patched. The critical flaw, tracked as...

Two Android Vulnerabilities Actively Exploited: Google Releases Critical Patches

Google has released the August security updates for Android, which contain patches for six vulnerabilities. Two of these are related to Qualcomm components and have already been exploited in targeted...

With ToolShell, you can access the Internet information Services (IIS) Machine keys.

In an article published on August 5, 2025, on the ISC SANS blog by Bojan Zdrnja, it is possible to steal "machine keys" from IIS servers. The author explores the...

Critical Bugs on NVIDIA Triton Allow Attackers to Compromise and Steal AI Model

Critical vulnerabilities have been discovered in NVIDIA's Triton Inference Server, threatening the security of AI infrastructure on Windows and Linux. The open-source solution is designed for large-scale deployment and maintenance...

0-day/0-click RCE exploit for sale on iOS. Explore the cyberweapons market for espionage.

An online forum posting dated July 26, 2025, caught our attention: a user named "Bucad" advertised the sale of an iOS RCE Exploit 0day | ZeroClick/1Click. The exploit, apparently capable...

Auto-Color malware distributed via a vulnerability in SAP NetWeaver

Darktrace has recorded a targeted attack on a US chemical company, in which attackers exploited a critical vulnerability in the SAP NetWeaver platform. The threat, registered as CVE-2025-31324, consisted of...

New macOS bug allows TCC bypass to steal user data

Microsoft said that attackers may have exploited a recently patched Transparency, Consent, and Control (TCC) bypass vulnerability to steal sensitive information from macOS users, including cached Apple Intelligence data. TCC...

Is Your Smart TV Spying on You? Security Gaps and Critical Vulnerabilities in IoT Devices

Networked smart devices are no longer simple helpers, but potential enemies. With every new thermostat or TV connected to the internet, a new flaw opens up in the digital infrastructure...

Zero-click exploits: the new invisible frontier of cyber attacks

In recent years, cybersecurity has seen the emergence of increasingly sophisticated threats, capable of compromising devices and personal data without the user taking any action. Among these, so-called zero-click exploits...

What are Vulnerability Assessments? A Journey into Automated Software Vulnerability Scanning

A vulnerability assessment is a process of evaluating computer systems, networks, and applications to identify vulnerabilities that could be exploited by attackers to compromise the system's security. The primary goal...