The Hacker News

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...

Wireless Headphones Attack Can Spy On Your Smartphone — Update Now

Vulnerabilities affecting wireless earbuds and headphones from major brands could have enabled attackers to listen in and ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
Gadget Review on MSNOpinion

The great juice jacking scam: Why the FBI warns about a hack that doesn't exist

Juice jacking warnings persist despite zero confirmed attacks on modern phones, while simple precautions like USB data ...