Our Latest Posts
Cyber Security News
Taken from the hacker news website feed
- New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory
by [email protected] (The Hacker News) on December 27, 2025 at 7:52 amA high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), has been described as a case of improper handling of length parameter inconsistency, which arises when a program fails to appropriately tackle scenarios where a length field is inconsistent with the
- Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code
by [email protected] (The Hacker News) on December 26, 2025 at 3:31 pmTrust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a “security incident” that led to the loss of approximately $7 million. The issue, the multi‑chain, non‑custodial cryptocurrency wallet service said, impacts version 2.68. The extension has about one million users, according to the Chrome Web Store listing. Users are advised to
- China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
by [email protected] (The Hacker News) on December 26, 2025 at 2:44 pmA China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System (DNS) requests to deliver its signature MgBot backdoor in attacks targeting victims in Türkiye, China, and India. The activity, Kaspersky said, was observed between November 2022 and November 2024. It has been linked to a
- Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
by [email protected] (The Hacker News) on December 26, 2025 at 9:27 amA critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection. LangChain Core (i.e., langchain-core) is a core Python package that’s part of the LangChain ecosystem, providing the core interfaces and model-agnostic abstractions for building
- ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
by [email protected] (The Hacker News) on December 25, 2025 at 2:01 pmIt’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut “hacker stories” now looks more like a mirror of the systems we all use. This week’s findings show a pattern: precision, patience, and persuasion. The