Hacker news – Page 2 – NuclearCoffee

Hacker news

MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

On Dec 29, 2025 3:05 pm, by NuclearCoffee

Dec 29, 2026Ravie LakshmananHacking News / Cybersecurity Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the… Continue reading

Hacker news

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

On Dec 29, 2025 1:03 pm, by NuclearCoffee

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349… Continue reading

Hacker news

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

On Dec 29, 2025 11:01 am, by NuclearCoffee

Cybersecurity researchers have disclosed details of what has been described as a “sustained and targeted” spear-phishing campaign that has published over two dozen packages to the npm registry… Continue reading

Hacker news

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

On Dec 29, 2025 8:59 am, by NuclearCoffee

Dec 29, 2026Ravie LakshmananDatabase Security / Vulnerability A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances… Continue reading

Hacker news

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

On Dec 27, 2025 10:04 am, by NuclearCoffee

Dec 27, 2025Ravie LakshmananDatabase Security / Vulnerability A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability,… Continue reading

Hacker news

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

On Dec 26, 2025 5:47 pm, by NuclearCoffee

Dec 26, 2025Ravie LakshmananCryptocurrency / Incident Response Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a… Continue reading

Hacker news

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

On Dec 26, 2025 3:45 pm, by NuclearCoffee

A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System (DNS) requests to deliver… Continue reading

Hacker news

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

On Dec 26, 2025 11:41 am, by NuclearCoffee

Dec 26, 2025Ravie LakshmananAI Security / DevSecOps A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets… Continue reading

Hacker news

Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

On Dec 25, 2025 3:21 pm, by NuclearCoffee

Dec 25, 2025Ravie LakshmananCybersecurity / Hacking News It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in —… Continue reading

Hacker news

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

On Dec 25, 2025 1:19 pm, by NuclearCoffee

Dec 25, 2025Ravie LakshmananData Breach / Financial Crime The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak… Continue reading

Category: Hacker news

Stay Connected