Red Hot Cyber. The Cybersecurity Blog

Qilin & Associates Law Firm: Ransomware Hires Lawyers, Launches “Intimidation Package”
The developers of the Qilin ransomware (recently interviewed by us) offered their partners the help and advice of a team of lawyers, so that they could put pressure on the victims and force them to pay the ransom. The advertisement

US-Iran Cyberwar: DHS Raises Alarm, American Networks Under Attack
The United States has warned of possible cyber attacks by pro-Iranian groups following a series of airstrikes against Iranian nuclear facilities, as part of the armed conflict between Iran and Israel that began on June 13, 2025. The US Department

“Jailbreak as a Service” is Coming: 60 Euros a Month to Purchase Cybercrime-Ready AI Systems
According to a report by Cato Networks, cybercriminals continue to actively use LLMs in their attacks. Specifically, we are talking about versions of the Grok and Mixtral models that have been deliberately modified to bypass built-in restrictions and generate malicious content. Apparently, one such modified

$200 for Access to an Italian Company! While the Dark Web is doing business, are you ready to defend yourself?
Following the case of the 568 endpoints of an Italian industrial machinery company, another compromised access related to an Italian software engineering company has ended up for sale on an underground forum frequented by Initial Access Brokers and ransomware actors. The listing,

“Cleaning Up” Windows Update! Microsoft Declares War on Drivers Exploited in Ransomware Attacks
Microsoft announced that it will periodically remove outdated drivers from the Windows Update Catalog to reduce risk and improve compatibility. “The goal of this initiative is to provide the best set of drivers on Windows Update for the various hardware solutions in

Cyberspace: The Invisible Thread Between War and Peace
How Iran-Israel’s Digital War Redefines Security, Diplomacy, and the Global Future? Since June 12, a 700% increase in cyber activity has been detected, resulting in a wave of DDoS attacks, infiltration attempts, data theft and malware distribution against government websites,

Microsoft 365 Under Attack: How Hackers Use Direct Send to Send Phishing Emails
Redazione RHC - June 27th, 2025
A sophisticated phishing campaign targeted over 70 organizations by exploiting Microsoft 365's Direct Send feature. The campaign, which began in May 2025 and has shown steady activity over the...

Warning! WinRAR: Critical Vulnerability That Could Run Malware
Redazione RHC - June 26th, 2025
WinRAR developers have fixed a Directory Traversal vulnerability, which has been assigned the identifier CVE-2025-6218. Under certain circumstances, this bug allowed malware to be executed after the archive was extracted....

He died because of ransomware! Another victim joins the list
Redazione RHC - June 26th, 2025
This is not the first time that a cyber attack has resulted in the loss of human lives. We had already discussed it in the article "I deferichò per il ransomware....

A new fileless infostealer is being spread by Telegram and legitimate services
Redazione RHC - June 26th, 2025
TLP: AMBER. Analyst: Agostino Pellegrino, Crescenzo Cuoppolo, Alessio Bandini. Last revision date: 2025-06-24. This forensic technical report documents the complete analysis of a multi-stage infostealer delivered via a Python fileless loader, identified...