Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
2nd Edition GlitchZone RHC 320x100 2
Fortinet 970x120px

Red Hot Cyber. The Cybersecurity Blog

Webrat Malware Targets Security Researchers with GitHub Exploit Traps
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
RansomHouse Ransomware Upgraded: Enhanced Encryption Threat
Cyber Attacks on the Rise: Wiper Malware and Data Destruction in 2025
MS13-089 Ransomware: Double Extortion Without Encryption
Microsoft Shifts Activation Process: What It Means for Air-Gapped Systems
DIG AI: The Dark Web’s New AI Tool for Cybercrime
Previous Next

Ultime news

Bypassing AI Safety: EchoGram Exposes Vulnerabilities in LLM Defenses Cybercrime

Bypassing AI Safety: EchoGram Exposes Vulnerabilities in LLM Defenses

Large language models are typically released with security constraints : separate AIs from the main LLM ensure that malicious suggestions...
Redazione RHC - 19 December 2025
E-Note Shutdown: Major Blow to Cybercrime and Ransomware Cybercrime

E-Note Shutdown: Major Blow to Cybercrime and Ransomware

When we talk about cybercrime, we often think of something far away, something that doesn't concern us. But the truth...
Redazione RHC - 19 December 2025
French Police Arrest Suspect in Cyberattack on Interior Ministry Cybercrime

French Police Arrest Suspect in Cyberattack on Interior Ministry

French law enforcement has arrested a 22-year-old man suspected of carrying out a recent cyberattack on the Ministry of the...
Redazione RHC - 18 December 2025
Google Unveils Gemini 3 Flash AI Model, Rivals OpenAI GPT-5.2 innovation

Google Unveils Gemini 3 Flash AI Model, Rivals OpenAI GPT-5.2

The battle for AI leadership is increasingly moving from the lab to mass production. The day after the release of...
Redazione RHC - 18 December 2025
Rise of AI Degrees: Students Shift from Computer Science to AI Cybercrime

Rise of AI Degrees: Students Shift from Computer Science to AI

A marked shift in college student preferences is taking place in the United States. More and more young people are...
Redazione RHC - 18 December 2025
SonicWall SMA1000 Vulnerability: Critical Security Patch Released Cybercrime

SonicWall SMA1000 Vulnerability: Critical Security Patch Released

Researchers have discovered a vulnerability, identified as CVE-2025-40602, affecting SonicWall's SMA1000 series of secure access gateways. This flaw is particularly...
Redazione RHC - 18 December 2025
« Precedente   Successivo »

Critical Windows Vulnerability CVE-2025-59230 Exposed

- December 15th, 2025

Windows services dedicated to remote connections have always been an inexhaustible source of "satisfaction" for those involved in cybersecurity, revealing vulnerabilities of enormous impact. Among the most famous examples is...
Share on Facebook Share on LinkedIn Share on X

Women in Cybersecurity: Breaking Down Barriers and Stereotypes

- December 15th, 2025

The scene is always the same: monitors lit, dashboards full of alerts, logs scrolling too quickly, an anxious customer on the other end of the call. You sit down, look...
Share on Facebook Share on LinkedIn Share on X

Storm-0249 Uses DLL Sideloading in Highly Targeted Attacks

- December 15th, 2025

A well-known initial access broker (IAB) called " Storm-0249 " has changed its operational strategies, using phishing campaigns as well as highly targeted attacks, which exploit the very security tools...
Share on Facebook Share on LinkedIn Share on X

VS Code Extensions Infected with Sophisticated Malware via Typosquatting

- December 15th, 2025

A sophisticated malware campaign has been detected within the Visual Studio Code (VS Code) marketplace. Researchers at ReversingLabs (RL) have identified 19 malicious extensions that successfully evaded standard detection methods...
Share on Facebook Share on LinkedIn Share on X

NVIDIA Merlin Security Update: Fixing High-Severity Vulnerabilities

- December 15th, 2025

NVIDIA has released a significant security update for its Merlin framework, addressing several high-severity vulnerabilities. These vulnerabilities could allow attackers to execute malicious code or alter sensitive data within AI...
Share on Facebook Share on LinkedIn Share on X

How Profanity Varies Across Social Media and Cultures

- December 15th, 2025

Americans are the most likely to swear on social media, but Australians are more creative in their use of the infamous "f" swear word. This is the conclusion reached by...
Share on Facebook Share on LinkedIn Share on X

GhostFrame Phishing Kit: New Stealthy PhaaS Threat Emerges

- December 14th, 2025

Barracuda has released details of a new stealthy, evasive phishing-as-a-service (PhaaS) kit that hides malicious content within web page iframes to evade detection and maximize resilience. This is the first...
Share on Facebook Share on LinkedIn Share on X

WhatsApp: all it takes is a phone number to know when you sleep, go out, or come home

- December 14th, 2025

A tool has been released that allows for the discreet monitoring of WhatsApp and Signal user activity using just a phone number. The tracking mechanism covers over three billion accounts...
Share on Facebook Share on LinkedIn Share on X

Cyber Geopolitics: How Tech Becomes a Global Battleground

- December 14th, 2025

Over the past two years, cyber has ceased to be a " technical " dimension of the conflict and has become a strategic infrastructure. The consequence is a domino effect:...
Share on Facebook Share on LinkedIn Share on X

SOAP Vulnerability in .NET Framework Allows Remote Code Execution

- December 14th, 2025

Security researchers have discovered a vulnerability in .NET that could affect several enterprise products and lead to remote code execution. The issue stems from the way Microsoft .NET-based applications handle...
Share on Facebook Share on LinkedIn Share on X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Featured Articles

Immagine del sitoCybercrime
Webrat Malware Targets Security Researchers with GitHub Exploit Traps
Redazione RHC - 24/12/2025

There’s a specific moment, almost always at night, when curiosity overtakes caution. A newly opened repository, few stars but a success. very high score, the README file is well written enough to seem real. This…

Immagine del sitoCybercrime
A backdoor in NVIDIA code. Three 9.8 bugs plague AI and robotics development systems
Redazione RHC - 24/12/2025

When it comes to cybersecurity, you can never be too careful. Furthermore, when we talk about backdoors (or alleged ones), the question that follows is: who inserted them? Was it for maintenance purposes or for…

Immagine del sitoCybercrime
La Poste Hit by Pro-Russian DDoS Attack During Peak Holiday Season
Redazione RHC - 23/12/2025

According to internal sources at RedHotCyber , the digital offensive that is causing problems for the National Postal System in France has been officially claimed by the pro-Russian hacker collective NoName057(16). Analysts confirm that the…

Immagine del sitoVulnerability
CVE-2025-47761: FortiClient VPN Zero-Day Exploit Lets Privilege Escalation
Manuel Roccon - 23/12/2025

The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies in a mishandled IOCTL that…

Immagine del sitoCybercrime
Critical MongoDB Vulnerability Exposed: CVE-2025-14847
Redazione RHC - 23/12/2025

A critical vulnerability has been identified in MongoDB, one of the most widely used NoSQL database platforms globally. This security flaw, tracked under CVE-2025-14847, allows attackers to extract sensitive data from server memory without requiring…