December 2025

Trust Wallet Chrome Extension Hack Drains .5M via Shai-Hulud Supply Chain Attack

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Dec 31, 2026Ravie LakshmananSoftware Security / Data Breach Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of…

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla…

IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass

Dec 31, 2026Ravie LakshmananAPI Security / Vulnerability IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915,…

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

Dec 31, 2026Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm registry with slight modifications from the previous wave observed last…

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

by Dan Goodin
December 31, 2025
I.T. Today
2 min read

A third AI-related proof-of-concept attack that garnered attention used a prompt injection to cause GitLab’s Duo chatbot to add malicious lines to an otherwise legitimate code package. A variation of the attack successfully exfiltrated sensitive…

Apple teases ‘something big’ coming to your devices in early 2026

by Michael Simon
December 31, 2025
How To – Apple Mac
2 min read

If you got a new Apple device this holiday season, it may be time to start using your three-month free Fitness+ trial. In a cryptic Instagram reel, Apple is teasing “something big” coming to its…

From prophet to product: How AI came back down to earth in 2025

by Benj Edwards
December 31, 2025
I.T. Today
3 min read

To be sure, it’s hard to see this not ending in some market carnage. The current “winner-takes-most” mentality in the space means the bets are big and bold, but the market can’t support dozens of…

2026 Mac preview: This could be the biggest year for the Mac since 1984

by Roman Loyola
December 31, 2025
How To – Apple Mac
8 min read

After a somewhat tame 2025 that was largely marked by processor upgrades, 2026 is poised to be a huge year for the Mac, possibly the biggest since Apple unveiled the very first Macintosh in 1984.…

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

Dec 31, 2026Ravie LakshmananSpyware / Mobile Security The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday removed three individuals linked to the Intellexa Consortium, the holding company behind a commercial…

Condé Nast user database reportedly breached, Ars unaffected

by Ken Fisher
December 30, 2025
I.T. Today
2 min read

Earlier this month, a hacker named Lovely claimed to have breached a Condé Nast user database and released a list of more than 2.3 million user records from our sister publication WIRED. The released materials…