Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Cyber Offensive Fundamentals 320x200 V0.1
Banner Desktop

Red Hot Cyber. The Cybersecurity Blog

Instagram Data Leak Exposes 17.5 Million Users on Dark Web
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
When Attack Discovery Becomes Automated, Detection Stops Scaling
CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE
Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool
DevSecOps: Integrating Security into Your Development Process
WhatsApp Device Fingerprinting: New Measures Against Privacy Threats
PS5 BootROM Key Leaked, Sony’s Security Compromised
Previous Next

Ultime news

Cloudflare Hit with €14M Fine for Failing to Block Pirate Content Cybercrime

Cloudflare Hit with €14M Fine for Failing to Block Pirate Content

The Italian Communications Regulatory Authority (AGCOM) has imposed an administrative fine exceeding €14 million on Cloudflare Inc. for failure to...
Redazione RHC - 9 January 2026
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government Cybercrime

Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi...
Redazione RHC - 9 January 2026
Taiwan Citizens Accused in China of Smuggling and Cable Sabotage Cybercrime

Taiwan Citizens Accused in China of Smuggling and Cable Sabotage

Chinese authorities have formally charged two Taiwanese citizens with involvement in a smuggling operation linked to an incident in February...
Redazione RHC - 9 January 2026
QR Code Phishing via HTML: New Attack Vector Emerges Cybercrime

QR Code Phishing via HTML: New Attack Vector Emerges

We know that criminal hackers always manage to surprise us, and this time too they surprise us with the innovation...
Redazione RHC - 8 January 2026
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now Cybercrime

Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can...
Redazione RHC - 8 January 2026
GoBruteforcer Botnet Exploits AI-Generated Server Configs, Targets Crypto Cybercrime

GoBruteforcer Botnet Exploits AI-Generated Server Configs, Targets Crypto

The GoBruteforcer botnet has been discovered to be exploiting a surprisingly current weakness: the widespread reuse of AI-generated server configurations....
Redazione RHC - 8 January 2026
« Precedente   Successivo »

Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now

- January 8th, 2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates...
Share on Facebook Share on LinkedIn Share on X

GoBruteforcer Botnet Exploits AI-Generated Server Configs, Targets Crypto

- January 8th, 2026

The GoBruteforcer botnet has been discovered to be exploiting a surprisingly current weakness: the widespread reuse of AI-generated server configurations. This increasingly widespread practice is effectively leaving tens of thousands...
Share on Facebook Share on LinkedIn Share on X

When Attack Discovery Becomes Automated, Detection Stops Scaling

- January 8th, 2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption...
Share on Facebook Share on LinkedIn Share on X

VMware ESXi VM Escape Exploit: Advanced Threats Revealed

- January 8th, 2026

A new report published by the Huntress Tactical Response Team documents a highly sophisticated intrusion detected in December 2025 , in which an advanced actor managed to compromise a VMware...
Share on Facebook Share on LinkedIn Share on X

Supply Chain Security: Protect Your Business from Cyber Threats

- January 8th, 2026

In an increasingly interconnected digital ecosystem, companies depend on networks of suppliers and partners to operate efficiently. However, this interdependence has transformed the supply chain into a new critical cybersecurity...
Share on Facebook Share on LinkedIn Share on X

CVE-2026-21858: n8n Vulnerability Exposes Thousands of Servers to RCE

- January 8th, 2026

The vulnerability, identified as CVE-2026-21858, which we recently reported on, affects approximately 100,000 servers worldwide, threatening to expose proprietary API keys, customer databases, and AI workflows. The vulnerability, with a...
Share on Facebook Share on LinkedIn Share on X

Malware PHALT#BLYX Uses Social Engineering and MSBuild to Infect Systems

- January 7th, 2026

A cancellation message from Booking.com with a high penalty seems like a typical business practice for hotels and apartments. But it's precisely this type of email that triggered a new...
Share on Facebook Share on LinkedIn Share on X

Disable Windows 11 AI Features Easily with RemoveWindowsAI Tool

- January 7th, 2026

A new open-source script allows Windows 11 users to widely disable the operating system's built-in artificial intelligence features . The project, developed by Zoicware , is called RemoveWindowsAI and aims...
Share on Facebook Share on LinkedIn Share on X

DevSecOps: Integrating Security into Your Development Process

- January 7th, 2026

When it comes to application security, there's rarely a single problem. It's almost always a chain of small flaws, poor decisions, and missing controls that, when added together, pave the...
Share on Facebook Share on LinkedIn Share on X

Critical RCE Vulnerability in D-Link DSL Routers – Update Now

- January 7th, 2026

A critical remote code execution (RCE) flaw in older D-Link DSL routers has been identified as CVE-2026-0625, with a CVSS v4.0 score of 9.3, indicating a high risk for users...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Instagram Data Leak Exposes 17.5 Million Users on Dark Web
Redazione RHC - 10/01/2026

A massive digital archive containing the private information of approximately 17.5 million Instagram users appears to have fallen into the hands of cybercriminals. A few hours ago, the alarm was raised after several Reddit users…

Immagine del sitoCybercrime
Undertow Vulnerability CVE-2025-12543 Exposes Java Ecosystem to Critical Security Risks
Redazione RHC - 09/01/2026

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has been hit by a critical…

Immagine del sitoCybercrime
Iran Protests Escalate as Reza Pahlavi Calls for Action Against Government
Redazione RHC - 09/01/2026

Iranian protesters chanted and marched through the streets until Friday morning, following a call from exiled former Prince Reza Pahlavi to demonstrate, despite the Iranian theocracy cutting off the country from the internet and international…

Immagine del sitoCybercrime
Veeam Backup Vulnerability: Critical RCE Flaw Discovered – Update Now
Redazione RHC - 08/01/2026

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates for Backup & Replication ,…

Immagine del sitoCybercrime
When Attack Discovery Becomes Automated, Detection Stops Scaling
Alexander Rogan - 08/01/2026

For much of the past two decades, cybersecurity has been built on a simple assumption: malicious activity can be detected, analysed, and responded to before meaningful damage occurs. This assumption shaped everything from SOC design…