Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
320x100 Itcentric
HackTheBox 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Previous Next

Ultime news

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution Cybercrime

Livewire Vulnerability Exposed: 130k Apps at Risk of Remote Code Execution

An in-depth security analysis of Livewire , an essential framework for developing dynamic interfaces in Laravel, has revealed a significant...
Redazione RHC - 26 December 2025
Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security Cybercrime

Microsoft Boosts BitLocker with Hardware Acceleration for Enhanced Security

Over the years, Microsoft has strived to keep BitLocker's performance impact within reasonable limits, historically below double digits. The goal...
Redazione RHC - 25 December 2025
DriverFixer0428: macOS Credential Stealer Linked to North Korea Cybercrime

DriverFixer0428: macOS Credential Stealer Linked to North Korea

A thorough static and dynamic analysis has led to the identification of a macOS malware called DriverFixer0428 , classified as...
Redazione RHC - 25 December 2025
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad Cybercrime

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention...
Redazione RHC - 25 December 2025
Webrat Malware Targets Security Researchers with GitHub Exploit Traps Cybercrime

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

There's a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a...
Redazione RHC - 24 December 2025
Nezha Malware: Abusing Legitimate Tools for Remote Access Cybercrime

Nezha Malware: Abusing Legitimate Tools for Remote Access

There comes a moment, often too late, when you realize the problem didn't come from forcing the door, but from...
Redazione RHC - 24 December 2025
« Precedente   Successivo »

La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season

- December 23rd, 2025

According to internal sources at RedHotCyber , the digital offensive that is causing problems for the National Postal System in France has been officially claimed by the pro-Russian hacker collective...
Share on Facebook Share on LinkedIn Share on X

Spotify Web Scraping: Anna’s Archive Scrapes 300TB of Music Library

- December 23rd, 2025

Activists and hackers at Anna's Archive have reportedly combed nearly the entire music library of the largest streaming service, Spotify. They claim to have collected metadata for 256 million tracks...
Share on Facebook Share on LinkedIn Share on X

CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation

- December 23rd, 2025

The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies...
Share on Facebook Share on LinkedIn Share on X

Ukrainian Hacker Charged in Major Ransomware Attacks

- December 23rd, 2025

A Ukrainian man implicated in a series of ransomware attacks has been found guilty in the United States. These cybercrimes affected companies in several countries, including the United States, Canada,...
Share on Facebook Share on LinkedIn Share on X

The Rise of Digital Walls: How National Sovereignty Threatens Global Internet

- December 23rd, 2025

As we always report on these pages, nations are pushing for the development of domestic software and hardware devices, that is, technologies developed within the nation that are more easily...
Share on Facebook Share on LinkedIn Share on X

Critical MongoDB Vulnerability Exposed: CVE-2025-14847

- December 23rd, 2025

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data...
Share on Facebook Share on LinkedIn Share on X

Smart TV Spying: Major Brands Accused of Collecting User Data

- December 23rd, 2025

Texas Attorney General Ken Paxton has charged five major television manufacturers with illegally collecting user data using automatic content recognition (ACR) technology to record what owners watch. The charges concern...
Share on Facebook Share on LinkedIn Share on X

Phishing Campaigns Exploit File Sharing Services

- December 23rd, 2025

Researchers at Check Point, a pioneer and global leader in cybersecurity solutions, have discovered a phishing campaign in which attackers pose as file-sharing and electronic signature services to send financially-themed...
Share on Facebook Share on LinkedIn Share on X

RansomHouse Ransomware Upgraded: Enhanced Encryption Threat

- December 22nd, 2025

The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks. According to experts, the cybercriminals have added an updated encryption...
Share on Facebook Share on LinkedIn Share on X

Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025

- December 22nd, 2025

According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This refers to scenarios in which, after penetrating a network, attackers...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Apple Supply Chain Hit by Cyberattack: Sensitive Data at Risk
Redazione RHC - 30/12/2025

During the first half of December, a Chinese company assembling devices for Apple was hit by an advanced cyberattack that may have exposed sensitive information related to a production line. The incident was reported by…

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sitoCybercrime
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…