Dec 29, 2026Ravie LakshmananHacking News / Cybersecurity Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same time. Tools people trust every day…
Apple’s smart home efforts have generally lagged behind its rivals. While Amazon and Google have been putting out all sorts of smart doorbells, speakers, and home hubs, the iPhone maker has long limited its ambitions…
When you set up a new iPhone, iOS prompts you about some preferences for customizing certain things, such as the theme, access to location services, and Siri. Still, there are a lot of hidden features…
It was a normal day when Jay Gibson got an unexpected notification on his iPhone. “Apple detected a targeted mercenary spyware attack against your iPhone,” the message read. Ironically, Gibson used to work at companies…
Cybersecurity researchers have disclosed details of what has been described as a “sustained and targeted” spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft. The activity, which…
Dec 29, 2026Ravie LakshmananDatabase Security / Vulnerability A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in…
In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024,…
When Kevin Hartz’s security system failed to alert him as an intruder rang his doorbell and tried to enter his San Francisco home late one night, the serial entrepreneur decided existing solutions weren’t good enough.…
For more than a decade, dozens of journalists and human rights activists have been targeted and hacked by governments all over the world. Cops and spies in Ethiopia, Greece, Hungary, India, Mexico, Poland, Saudi Arabia,…
Dec 27, 2025Ravie LakshmananDatabase Security / Vulnerability A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), has…