Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Crowdstrike 320×100
970x120

Tag: cve

ENISA takes on the role of Root in the European Cybersecurity Initiative (CVE).

Redazione RHC 27/11/2025

The European Union Agency for Cybersecurity (ENISA) has taken on the role of Root within the Common Vulnerabilities and Exposures (CVE) programme, becoming the main point of reference for national authorities, EU CSIRTs and partners falling within its mandate. The new role expands on the Agency’s existing functions as Vulnerability Numbering Authority (CNA), which is responsible for assigning CVE identifiers and publishing the related records for reports managed by European CSIRTs, an operational role that has been active since January 2024. ENISA Executive Director Juhan Lepassaar highlighted how this change strengthens the Agency’s ability to support vulnerability management within the Union, contributing

Linux Pwned! Privilege Escalation on SUDO in 5 seconds. HackerHood tests the CVE-2025-32463 exploit

Redazione RHC 02/07/2025

Yesterday, Red Hot Cyber published an in-depth analysis of a gserious vulnerability discovered in SUDO (CVE-2025-32463), which allows escalation of privileges to root in Linux environments by exploiting an abuse of the chroot function. The exploit, made public by Stratascale, demonstrates how a non-privileged user can obtain root access through a precise chain of operations that exploit incorrect behavior in the management of child processes in environments chroot. Field testing: Manuel Roccon from the HackerHood group speaks Manuel Roccon, a researcher from the Red Hot Cyber HackerHood group, wanted to get his hands on the exploit to concretely verify its scope and

Analysis of Recorded Future’s CVE Report – February 2025

Sandro Sana 05/03/2025

The monthly Recorded Future CVE report for February 2025 provides a detailed overview of current cybersecurity threats, highlighting a slight decline compared to the previous month. A total of 25 high-impact vulnerabilities were identified, down from 33 in January, yet the overall risk level remains high. Several of these vulnerabilities are already being actively exploited by cybercriminals, making a timely response from corporate security teams essential. One of the key aspects of this report is the ability to analyze the issue from two complementary perspectives: that of CEOs and that of IT managers and CISOs. On one hand, business leaders must understand

RHC interviews Qilin Ransomware! “Let’s play fair and wait for a worthy opponent on the field”

RHC Dark Lab 19/09/2024

Qilin (from Chinese :麒麟) is a legendary creature that appears in Chinese mythology and is said to appear with the imminent arrival or demise of a sage or illustrious ruler. The Qilin ransomware is a prime example of the growing complexity of cyber threats. Discovered in 2022, Qilin immediately attracted attention for its ability to target critical sectors such as healthcare and education, particularly in the regions of Africa and Asia. Written in Rust and C, Qilin offers an unprecedented level of customisation that sets it apart from most other ransomware. The operators behind this threat can change the extension of encrypted

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

Alessio Stefan 05/07/2024

A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and with a CVSS score of 7.8 (high), allows a low-privileged attacker to gain complete control of the system. Privilege escalation refers to an attack in which a user with limited privileges gains access with higher privileges, such as those of an administrator, without having the proper authorization. This can allow a malicious user to perform actions that would not normally be allowed. CVE Details By exploiting a flaw in the way MSI Center handles permissions, a malicious actor can manipulate the filesystem and trick the software into

Category