Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Tag: #cybersecurity

Critical React Server Vulnerability: Update Now to Prevent RCE Attacks

Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows unauthenticated attackers to execute code remotely with a single HTTP request. The exploit is now publicly available, and the issue has received the highest severity rating, 10 out of 10, on CVSS. React is actively used on servers to accelerate JavaScript and content rendering: instead of completely reloading the page with each request, it only redraws the modified parts of the interface. This significantly saves resources and improves application performance. React is estimated to be used by approximately

Storm-0900 Phishing Campaign Spreads XWorm Malware

Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group known as Storm-0900 launched a large-scale phishing campaign, targeting users across the United States. The campaign exploited two main social engineering themes: fake parking ticket notifications and fraudulent medical test results. Microsoft Threat Intelligence analysts and security researchers discovered that this campaign led to the spread of XWorm, a widespread modular remote access malware used by many threat actors across the cyber threat landscape. In connection with the Thanksgiving holiday, attackers

Windows 10 Still Running on 1 Billion PCs, Upgrade to Windows 11 Urged

Windows 10 has been officially retired, but it still runs on approximately one billion personal computers worldwide. A significant number of devices are technically ready to upgrade to Windows 11, increasing the risk of cyberattacks and proving that updating the operating system is more difficult than it seems. According to Jeff Clark, vice president and chief operating officer of Dell Technologies, of the approximately 1.5 billion PCs installed, more than 1 billion have not yet been upgraded to Windows 11 or are too old to do so. Approximately 500 million devices meet the requirements for the new version but have not

Secure AI Integration in OT Systems: Key Principles and Best Practices

Since ChatGPT’s public release in November 2022, artificial intelligence (AI) has been integrated into many aspects of human society. For owners and operators of critical infrastructure, AI can be used to increase efficiency and productivity, improve decision-making, reduce costs, and enhance customer experience. Despite its many benefits, integrating AI into operational technology (OT) environments that manage essential public services also introduces significant risks, such as OT process model drift over time or security process circumvention, that owners and operators must carefully manage to ensure the availability and reliability of critical infrastructure. The Australian Signals Directorate, through the Australian Cyber Security Centre, together with

Aisuru Botnet Unleashes 29.7 Tbps DDoS Attack, Cloudflare Mitigates

A botnet service called Aisuru offers an army of compromised IoT devices and routers to launch high-traffic DDoS attacks. In just three months, the massive Aisuru botnet launched more than 1,300 DDoS attacks, one of which set a new record with a peak of 29.7 terabits per second. Since the beginning of the year, Cloudflare has neutralized a total of 2,867 Aisuru attacks, which were characterized by significant intensity, with nearly 45% of them classified as hypervolumetric, meaning attacks with a throughput greater than 1 Tbps, or 1 billion packets per second (Bpps). Cloudflare, a leading internet management and infrastructure company,

Google Chrome 143 Patch Fixes Critical V8 JavaScript Vulnerability

Google has released Chrome 143 for Windows, macOS, and Linux; the release contains an important patch. The new version (143.0.7499.40 for Linux and 143.0.7499.40/41 for Windows and macOS) addresses 13 vulnerabilities, including a critical vulnerability in the V8 JavaScript engine, CVE-2025-13630, a type confusion issue. It was discovered by cybersecurity researcher Shreyas Penkar (@streypaws) and awarded an $11,000 bounty by Google. The bug is a favorite target for exploit writers, as such flaws sometimes allow exploits to escape the browser sandbox and execute third-party code. Therefore, the released patch is one of the most important of the release. In addition

Cybersecurity in December: How Compliance Hurries Leave Companies Vulnerable

December isn’t just about Christmas lights: for those working in cybersecurity, it’s the month when the human factor collapses and companies rush to buy solutions just to be “compliant” for the new year. A perfect breeding ground for mistakes, vulnerabilities, and choices that will be paid dearly in 2026.
Frenzy, Tiredness and Lurking Attackers
The arrival of December brings with it a strange mix of frenzy and vulnerability. On the one hand, employees, still stunned by the endless Black Friday deals, are dragging themselves towards Christmas with inboxes full of fake “order confirmations.” On the other hand, there are IT managers and

Maha Grass APT Group Unleashes StreamSpy Malware Attacks

The Patchwork cyber espionage group, also known as Hangover or Dropping Elephant and internally tracked by QiAnXin as APT-Q-36, has been active since 2009 and is believed to be close to South Asia. Over the years, it has targeted government agencies, the military, research institutions, diplomacy, industry, and educational institutions in several Asian countries, conducting large-scale intelligence gathering operations. The QiAnXin Threat Intelligence Center has identified a new Trojan attributed to the Maha Grass organization, which uses a combination of WebSocket and HTTP protocols to communicate with command and control servers. The malware, dubbed StreamSpy, retrieves instructions via a

WiFi Network Security: Protect Against Hacking with WPA3 and ARP Spoofing

In today’s environment, securing a network requires much more than setting a complex password. A cyber attack against a wireless network follows a structured path that evolves from passive monitoring to active traffic manipulation. We will analyze this process in three distinct phases: gaining access, post-connection maneuvers, and the necessary defensive countermeasures.
1. Pre-connection Phase: Surveillance and Access
Penetration testing of a wireless network begins by analyzing its attack surface: visible identifiers are observed and weak or insecure configurations are evaluated.
Target Monitoring and Identification
The first step is to use tools in “monitor” mode to collect detailed information

The Dark Side of Internet Control: Durov’s Warning

Post 462 on Durov’s official channel immediately went into “scream mode”: “The end of the free internet. The free internet is becoming a tool of control.” No birthday wishes. Durov explains that he doesn’t feel like celebrating because, in his opinion, his generation “is running out of time to save the free Internet our fathers built for us.” What until recently seemed like the promise of an open and free web, a place for sharing, exchange, and information, is now turning into the “most powerful tool of control ever created.” Durov doesn’t go easy: he names Western governments and states