Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
UtiliaCS 320x100
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Previous Next

Featured Articles

Immagine del sito
“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit
Di Redazione RHC - 22/11/2025

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp’s infrastructure to distribute its Pegasus surveillance software. The case, which has been o...

Immagine del sito
Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems
Di Redazione RHC - 22/11/2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed ...

Immagine del sito
Risk averted for millions of Microsoft users! The critical vulnerability in Microsoft SharePoint 9.8
Di Redazione RHC - 21/11/2025

Microsoft has disclosed a critical vulnerability in SharePoint Online (discovered by RHC through our ongoing monitoring of critical CVEs on our portal), identified as CVE‑2025‑59245 , with a CVSS ...

Immagine del sito
MONOLOCK: The new “silent” ransomware group that rejects leak sites and affiliate panels.
Di Luca Stivali - 21/11/2025

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, d...

Immagine del sito
Critical vulnerability in the WordPress plugin W3 Total Cache. 430,000 sites at risk!
Di Redazione RHC - 21/11/2025

A critical vulnerability, CVE-2025-9501, has been discovered in the popular WordPress plugin W3 Total Cache . This vulnerability allows the execution of arbitrary PHP commands on the server without au...

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus s...
Redazione RHC - 22/11/2025 - 19:32

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified ...
Redazione RHC - 22/11/2025 - 12:31

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cyberse...
Redazione RHC - 22/11/2025 - 09:29

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was ...
Redazione RHC - 22/11/2025 - 08:53

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of f...
Redazione RHC - 22/11/2025 - 08:39

TamperedChef: Malware via Fake App Installers

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake inst...
Redazione RHC - 21/11/2025 - 19:20
1 2 3 250

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

- November 22nd, 2025

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp's infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing...

Facebook Linkedin X

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

- November 22nd, 2025

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the...

Facebook Linkedin X

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

- November 22nd, 2025

In recent months, the insider problem has become increasingly important for large companies , and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed...

Facebook Linkedin X

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

- November 22nd, 2025

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich....

Facebook Linkedin X

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

- November 22nd, 2025

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA...

Facebook Linkedin X

TamperedChef: Malware via Fake App Installers

- November 21st, 2025

The large-scale TamperedChef campaign is once again attracting the attention of specialists, as attackers continue to distribute malware via fake installers of popular applications. This scam, disguised as legitimate software,...

Facebook Linkedin X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE