Red Hot Cyber. The Cybersecurity Blog
Featured Articles

A recent study by Datadog Security Labs reveals an ongoing operation targeting organizations using Microsoft 365 and Okta for single sign-on (SSO) authentication. This operation uses sophisticated tec...

The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two ne...

Cisco Talos has identified a new ransomware campaign called DeadLock: attackers are exploiting a vulnerable Baidu antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vul...

What we wrote in the article “Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin” on Red Hot Cyber on July 23rd is now fully consistent with the inf...

Gartner analysts have urged businesses to temporarily stop using browsers with built-in artificial intelligence (AI) capabilities. In a recent advisory, the company emphasizes that such tools pose un...

Embracing Vulnerability for Authentic Leadership and Team Growth
Daniela Linda - December 8th, 2025
We're connected, connected to everything, hyperconnected. Our professional and social lives are dictated by extremely tight deadlines and a constantly rising bar; we must push. We tacitly demand that we...

CISA Warns: Avoid Personal VPNs for Secure Mobile Communications
Redazione RHC - December 8th, 2025
In new mobile communications advisories, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stern warning to smartphone owners: avoid using personal VPN services. The document, aimed...

SAP Security Update Fixes Critical Code Injection Vulnerability in Solution Manager
Redazione RHC - December 8th, 2025
SAP has just released its latest annual security update, which contains 14 new security bug fixes. Among them, a critical “code injection” flaw in SAP Solution Manager poses...

Passwordless Authentication: The Future of Secure Online Access
Redazione RHC - December 8th, 2025
Using passwords to access online accounts is no longer as secure as it once was. In fact, passwords are now one of the most common vulnerabilities used by cybercriminals to...

Critical PromptPwnd Vulnerability Exposes AI-Powered GitLab, GitHub Pipelines
Redazione RHC - December 8th, 2025
A critical vulnerability, identified as "PromptPwnd," affects AI agents that are integrated into the GitLab CI/CD and GitHub Actions pipelines. Through this vulnerability, attackers are able to inject malicious commands...

LLM-Powered Malware: The Future of Autonomous Cyber Threats
Redazione RHC - December 8th, 2025
Researchers at Netskope Threat Labs have just published a new analysis on the possibility of creating autonomous malware built exclusively from Large Language Models (LLMs), eliminating the need to encode...

