Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
LECS 320x100 1
Fortinet 970x120px

Red Hot Cyber. The Cybersecurity Blog

Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Villager Framework: AI-Powered Penetration Testing Tool
A $500 Tool Claims to Kill EDRs at Kernel Level: Inside the NtKiller Underground Ad
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
Previous Next

Ultime news

Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025 Cybercrime

Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025

According to BI.ZONE, by 2025, attackers will increasingly opt for total destruction of corporate infrastructure rather than encryption . This...
Redazione RHC - 22 December 2025
MS13-089 Ransomware: Double Extortion Without Encryption Cybercrime

MS13-089 Ransomware: Double Extortion Without Encryption

MS13-089 opens a leak site on the dark web, exposes the first data and adopts a double extortion strategy without...
Inva Malaj - 22 December 2025
San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities Cybercrime

San Francisco Power Outage Exposes Waymo Self-Driving Car Vulnerabilities

A massive power outage in San Francisco has disrupted self-driving vehicle traffic. Waymo self-driving vehicles have been spotted on city...
Redazione RHC - 22 December 2025
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems Cybercrime

Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems

In the past, many users and system administrators have relied on Microsoft's telephone activation service to manage installations in specific...
Redazione RHC - 22 December 2025
PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks Cybercrime

PuTTY Under Siege: Hackers Exploit Popular Client for SSH Attacks

Hackers love to exploit the most innocuous tools to infiltrate their targets' networks, and we all know this. And in...
Redazione RHC - 22 December 2025
OAuth Device Code Phishing: New Attack Vector for Account Takeover Cybercrime

OAuth Device Code Phishing: New Attack Vector for Account Takeover

Cybercriminals are getting smarter and have found a new way to exploit corporate security protocols. It seems incredible, but it's...
Redazione RHC - 22 December 2025
« Precedente   Successivo »

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

- December 18th, 2025

Researchers have discovered a vulnerability, identified as CVE-2025-40602, affecting SonicWall's SMA1000 series of secure access gateways. This flaw is particularly concerning because it could allow an attacker to escalate their...
Share on Facebook Share on LinkedIn Share on X

HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required

- December 18th, 2025

Cybersecurity is a serious issue, especially when it comes to vulnerabilities that can compromise an entire system. Well, Hewlett Packard Enterprise (HPE) has just raised the alarm about a truly...
Share on Facebook Share on LinkedIn Share on X

CISA Warns of Critical Vulnerabilities in Cisco, SonicWall, and ASUS Devices

- December 18th, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert including three new vulnerabilities in its catalog of exploited cyber threats (KEVs), highlighting that these flaws are currently...
Share on Facebook Share on LinkedIn Share on X

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

- December 18th, 2025

A security flaw has been discovered in Microsoft's Windows Admin Center (WAC) . Essentially, a permissions error could allow any standard user to take control of a server. The Cymulate...
Share on Facebook Share on LinkedIn Share on X

Ink Dragon Hackers Uncovered: Sophisticated Cyber Espionage Operation

- December 18th, 2025

It was only a matter of time. Governments around the world have now put their security systems on high alert. Indeed, a large-scale espionage operation conducted by a group of...
Share on Facebook Share on LinkedIn Share on X

Google Discontinues Dark Web Report, Shifts to Active Protection

- December 17th, 2025

No more useless alerts. No more passive monitoring. Less than two years after its launch, Google has decided to shut down one of the most talked-about digital security tools: the...
Share on Facebook Share on LinkedIn Share on X

CyberVolk Ransomware Flawed: Free File Recovery Possible

- December 17th, 2025

This isn't the first time criminal hackers make mistakes, and it won't be the last. The pro-Russian hacktivist group CyberVolk launched the RaaS service VolkLocker (also known as CyberVolk 2.x)....
Share on Facebook Share on LinkedIn Share on X

OSINT Ethics and Legality: Navigating Open Source Intelligence

- December 17th, 2025

Open Source Intelligence (OSINT) has emerged in recent years as one of the most fascinating, yet most insidious, disciplines in the information and security landscape. Its essence is remarkably simple:...
Share on Facebook Share on LinkedIn Share on X

The Psychology of Passwords: Why Weak Passwords Persist

- December 17th, 2025

The psychology of passwords starts right here: trying to understand people before systems. Welcome to "The Mind Behind Passwords," the column that looks at cybersecurity. From a different perspective: that...
Share on Facebook Share on LinkedIn Share on X

Russian Cyber Operations Shift to Targeting Western Critical Infrastructure

- December 17th, 2025

New details emerge from an Amazon Threat Intelligence report that highlight an alarming shift in Russian government-backed cyber operations. High-level 0-day exploits, often attributed to state-sponsored actors, have seen a...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Browser-in-the-Browser Phishing Attack: How to Protect Yourself
Manuel Roccon - 29/12/2025

This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable for its ability to generate…

Immagine del sitoCybercrime
Critical WebKit Vulnerability Exposes iOS Devices to Code Execution
Redazione RHC - 29/12/2025

A new report details a critical vulnerability discovered by security researcher Joseph Goydish in Apple’s WebKit engine. This security flaw, if exploited in conjunction with other exploits, could allow attackers to execute arbitrary code on…

Immagine del sitoCybercrime
Xspeeder Devices Hit by AI-Discovered Zero-Day Vulnerability CVE-2025-54322
Redazione RHC - 29/12/2025

When it comes to cybersecurity, it’s easy to fall into the trap of thinking that problems are always far away, that they only affect others. But the reality is that a vulnerability is always around…

Immagine del sitoCybercrime
Job Scams on Social Media: How to Avoid Fake Remote Job Offers
Redazione RHC - 29/12/2025

Fraudulent job ads promising easy money and remote work continue to flood social media, particularly in the Middle East and North Africa . Under the guise of part-time jobs that require no experience , scammers…

Immagine del sitoCybercrime
Cyber Criminals Recruit Insiders: Companies at Risk of Internal Threats
Redazione RHC - 27/12/2025

The cybercriminal community is rapidly increasing its interest in recruiting personnel from within companies . Instead of sophisticated external attacks, criminals are increasingly relying on internal sources— people willing to provide access to company systems…