Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.

2nd Edition GlitchZone RHC 320x100 2

970x20 Itcentric

Red Hot Cyber. The Cybersecurity Blog

Browser-in-the-Browser Phishing Attack: How to Protect Yourself

Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

Job Scams on Social Media: How to Avoid Fake Remote Job Offers

Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats

Villager Framework: AI-Powered Penetration Testing Tool

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems

La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season

Ultime news

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

Cybercrime

A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad

An ad has surfaced on a closed underground forum frequented by malware operators and initial access brokers, attracting the attention...

Redazione RHC - 25 December 2025

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

Cybercrime

Webrat Malware Targets Security Researchers with GitHub Exploit Traps

There's a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a...

Redazione RHC - 24 December 2025

Nezha Malware: Abusing Legitimate Tools for Remote Access

Cybercrime

Nezha Malware: Abusing Legitimate Tools for Remote Access

There comes a moment, often too late, when you realize the problem didn't come from forcing the door, but from...

Redazione RHC - 24 December 2025

Massive Cloud Cyberespionage: PCPcat Hits 59,128 Servers in 48 Hours

Cybercrime

Massive Cloud Cyberespionage: PCPcat Hits 59,128 Servers in 48 Hours

A large-scale, highly automated cyberespionage campaign is systematically targeting the cloud infrastructure that supports numerous modern web applications. In less...

Redazione RHC - 24 December 2025

Critical Net-SNMP Vulnerability Exposes Networks to RCE Attacks

Cybercrime

Critical Net-SNMP Vulnerability Exposes Networks to RCE Attacks

A critical vulnerability has been discovered in the Net-SNMP software suite, widely used globally for network management and monitoring. The...

Redazione RHC - 24 December 2025

A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems

Cybercrime

A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones),...

Redazione RHC - 24 December 2025

« Precedente Successivo »

Ukrainian Hacker Charged in Major Ransomware Attacks

Redazione RHC - December 23rd, 2025

A Ukrainian man implicated in a series of ransomware attacks has been found guilty in the United States. These cybercrimes affected companies in several countries, including the United States, Canada,...

The Rise of Digital Walls: How National Sovereignty Threatens Global Internet

Redazione RHC - December 23rd, 2025

As we always report on these pages, nations are pushing for the development of domestic software and hardware devices, that is, technologies developed within the nation that are more easily...

Critical MongoDB Vulnerability Exposed: CVE-2025-14847

Redazione RHC - December 23rd, 2025

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data...

Smart TV Spying: Major Brands Accused of Collecting User Data

Redazione RHC - December 23rd, 2025

Texas Attorney General Ken Paxton has charged five major television manufacturers with illegally collecting user data using automatic content recognition (ACR) technology to record what owners watch. The charges concern...

Phishing Campaigns Exploit File Sharing Services

Redazione RHC - December 23rd, 2025

Researchers at Check Point, a pioneer and global leader in cybersecurity solutions, have discovered a phishing campaign in which attackers pose as file-sharing and electronic signature services to send financially-themed...

RansomHouse Ransomware Upgraded: Enhanced Encryption Threat

Redazione RHC - December 22nd, 2025

The group behind RansomHouse, one of the most notorious ransomware distribution services, has strengthened the technical capabilities of its attacks. According to experts, the cybercriminals have added an updated encryption...

Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025

Redazione RHC - December 22nd, 2025

According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This refers to scenarios in which, after penetrating a network, attackers...

MS13-089 Ransomware: Double Extortion Without Encryption

Inva Malaj - December 22nd, 2025

MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without encryption. A brand built on an old Microsoft ID For...

San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities

Redazione RHC - December 22nd, 2025

A massive power outage in San Francisco has disrupted self-driving vehicle traffic. Waymo self-driving vehicles have been spotted on city streets, stopped at intersections with their emergency lights on. The...

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

Redazione RHC - December 22nd, 2025

In the past, many users and system administrators have relied on Microsoft's telephone activation service to manage installations in specific contexts. During the Windows 8 era, MAK ( Multiple Activation...

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sito

Cybercrime

Browser-in-the-Browser Phishing Attack: How to Protect Yourself

Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sito

Cybercrime

Critical WebKit Vulnerability Exposes iOS Devices to Code Execution

Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sito

Cybercrime

Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322

Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sito

Cybercrime

Job Scams on Social Media: How to Avoid Fake Remote Job Offers

Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…

Immagine del sito

Cybercrime

Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats

Redazione RHC - 27/12/2025

The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks, criminals are increasingly relying on internal sources— people willing to provide access to company systems…